SUSE CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

SUSE CVE-2024-40989

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu...

DEBIAN-CVE-2024-40937

In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...

UBUNTU-CVE-2024-40937

In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referencing an skb after it is freed with devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling pointer. Fix...

CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from notifierentry of the notifier not being reinitialized after unregistering the notifier, causing a dangling...

PT-2024-32725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises in the scsi: pm80xx driver when a phy control response comes late. The pm8001 phy control function populates the enable completion pointer with a stack address, sends a...

PT-2024-29195

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the KVM Kernel-based Virtual Machine on arm64 architecture, where a dangling pointer to a redistributor region could be stored in a vcpu when tearing down the...

CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

DEBIAN-CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

UBUNTU-CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

SUSE CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...

UBUNTU-CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...

CVE-2024-26923

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCMRIGHTS, two consecutiv...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...

kernel: net/sched: sch_hfsc UAF

A use-after-free flaw was found in the Linux kernel's net/sched: schhfsc HFSC qdisc traffic control component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSCFSC flag set, has a parent without a link-sharing curve, then...