DEBIAN-CVE-2021-47336

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smksetcipso Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: PATCH smackfs: restrict byt...

CLSA-2024-1716272474 Fix CVE(s): CVE-2023-49288

SECURITY UPDATE: Denial of Service attack against HTTP header parsing - debian/patches/CVE-2023-49288.patch: fix unintentional freeing in TRACE request handler - CVE-2023-49288...

DEBIAN-CVE-2024-35947

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser Fix a BUGON from 2009. Even if it looks "unreachable" I didn't really look, lets make sure by removing it, doing prerr and return -EINVAL instead...

DEBIAN-CVE-2024-35943

In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omapprmdomaininit devmkasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

DEBIAN-CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

DEBIAN-CVE-2023-52669

In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and cop...

DEBIAN-CVE-2024-27404

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remoteid Similar to the previous patch, address the data race on remoteid, adding the suitable ONCE annotations...

CLSA-2024-1715673753 Fix CVE(s): CVE-2024-32487

SECURITY UPDATE: quoting is mishandled in filename.c. - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487...

DEBIAN-CVE-2022-48695

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is observed during controller reset: refcountt: underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at lib/refcount.c:28...

DEBIAN-CVE-2024-27074

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, bouncei.e. go-bootfw, is allocated without a deallocation thereafter. After the following call chain: saa7134go7007init |- go7007bootencoder |-...

DEBIAN-CVE-2024-27051

In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreqcpuget's return value cpufreqcpuget may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center linuxtesting.org with...

DEBIAN-CVE-2024-27037

In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc in zynqclksetup will return null if the physical memory has run out. As a result, if we use snprintf to write data to the null address, the null...

DEBIAN-CVE-2024-26952

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to -Buffer offset to...

DEBIAN-CVE-2024-26843

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size mdsize will have been narrowed if we have = 4GB worth of pages in a soft-reserved region...

DEBIAN-CVE-2024-26840

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0...

DEBIAN-CVE-2024-26838

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. 50006.466686 Call Trace: 50006.466691 50006.489538 dumpstack+0x5c/0x80 50006.493475...

CLSA-2024-1713333661 Fix CVE(s): CVE-2024-2398

SECURITY UPDATE: - debian/patches/CVE-2024-2398.patch: http2: push headers better cleanup provide common cleanup method for push headers - CVE-2024-2398...

DEBIAN-CVE-2024-26809

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use it to destroy the set, otherwise it is possible to destroy elements twice. This fix...

DEBIAN-CVE-2023-52629

In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...

DEBIAN-CVE-2021-47173

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720probe uss720probe forgets to decrease the refcount of usbdev in uss720probe. Fix this by decreasing the refcount of usbdev by usbputdev. BUG: memory leak unreferenced object 0xffff88810111380...