80 matches found
DEBIAN-CVE-2024-53184
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xba RSP:...
DEBIAN-CVE-2024-53183
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
UBUNTU-CVE-2024-53181
In the Linux kernel, the following vulnerability has been resolved: um: vector: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the vectordevice instance. Otherwise, removing a vector device will result in a crash: RIP:...
UBUNTU-CVE-2024-53184
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xba RSP:...
UBUNTU-CVE-2024-53183
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
CVE-2024-53184 um: ubd: Do not use drvdata in release
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xba RSP:...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: platform/x86: wmi: Fix opening of char device
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
SUSE CVE-2023-52864
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
kernel: s390/vfio-ap: fix memory leak in vfio_ap device driver
In the s390 VFIO-AP driver, memory allocated for the vfiomatrixdev structure is never released during device cleanup. The release callback incorrectly uses devgetdrvdata to locate the object, but since it was never stored there, the function returns NULL and kfree silently accepts it. The correct...
DEBIAN-CVE-2023-52864
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
UBUNTU-CVE-2023-52864
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 "drivers: misc: pass miscdevice pointer via file private data", the miscdevice stores a pointer to itself inside filp-privatedata, which means that privateda...
CVE-2023-52864
CVE-2023-52864 affects the Linux kernel (platform/x86) WMI implementation. The root cause is a memory corruption risk when wmi_char_open() runs if the associated driver is missing, due to the miscdevice pointer being stored in filp->private_data after the patch in drivers/misc: pass miscdevice...
kernel: s390/vfio-ap: fix memory leak in vfio_ap device driver
In the s390 VFIO-AP driver, memory allocated for the vfiomatrixdev structure is never released during device cleanup. The release callback incorrectly uses devgetdrvdata to locate the object, but since it was never stored there, the function returns NULL and kfree silently accepts it. The correct...
kernel: arm64: fix oops in concurrently setting insn_emulation sysctls
In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops if called concurrently with itself: | Unable to handle kernel NULL...