kernel: net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

kernel: RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

kernel: Linux kernel: Privilege escalation via out-of-bounds write in RDMA/siw

A flaw was identified in the Linux kernel RDMA siw implementation where an undefined opcode value could be used during immediate work request flushing while in an error state. The send queue element opcode was not correctly set, which could lead to an out-of-bounds access when mapping between the...

kernel: RDMA/irdma: Fix data race on CQP request done

A race condition was identified in the RDMA/irdma subsystem of the Linux kernel affecting how completion queue pair CQP requests are processed. The cqprequest-requestdone memory location is accessed without appropriate synchronization in the irdmahandlecqpop function while it is concurrently...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of errors against TX CQE...

DEBIAN-CVE-2021-46983

In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmetrdmaerrorcomp which tried accessing the...

UBUNTU-CVE-2021-46983

In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry counter exceeded error is received. This leads to nvmetrdmaerrorcomp which tried accessing the...

New PoolParty Process Injection Techniques Outsmart Top EDR Solutions

A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response EDR systems. SafeBreach researcher Alon Leviev said the methods are "capable of working across all...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that originates from an out-of-bounds memory access found in the iouring SQ/CQ function, which can be exploited by a...

GSD-2022-1004273 xsk: Fix generic transmit when completion queue reservation fails

xsk: Fix generic transmit when completion queue reservation fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.8 by commit...

kernel: IB/uverbs: Handle large number of entries in poll CQ

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...

kernel: IB/uverbs: Handle large number of entries in poll CQ

Integer overflow in the ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a large value of a certain structure member...