CVE-2024-53096

CVE-2024-53096: Linux kernel patch resolves faulty mmap_region() error path. Key changes move core logic into __mmap_region(), perform upfront validations, and unwind writable/ seal checks earlier. Effects include preallocating iterator state before file-backed hooks, early handling of mapping_ma...

CVE-2024-35991

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...

CVE-2024-35991

CVE-2024-35991: In the Linux kernel, idxd dmaengine code changed from a spinlock-protected event log workqueue to a mutex-protected approach to safely call drain_workqueue(). The root cause was calling drain_workqueue() while holding a spinlock, risking a Call Trace due to possible task reschedul...

Design/Logic Flaw

The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a...