1705 matches found
CVE-2024-42091 drm/xe: Check pat.ops before dumping PAT settings
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid future use case and will cause NPD when...
USN-6922-1 linux-nvidia-6.5 vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...
USN-6918-1 linux-oracle vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker...
USN-6898-4 linux-aws-5.15 vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...
USN-6896-4: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
SUSE CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
USN-6896-2: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
USN-6896-2 linux-hwe-5.4, linux-oracle-5.4 vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
USN-6896-1 linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-ibm, linux-ibm-5.4, linux-kvm vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
DEBIAN-CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
UBUNTU-CVE-2024-40978
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
CVE-2024-40978 scsi: qedi: Fix crash while reading debugfs attribute
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
CVE-2024-40978 scsi: qedi: Fix crash while reading debugfs attribute
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
CVE-2024-40978 scsi: qedi: Fix crash while reading debugfs attribute
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a crash that can be caused by the use of the sprintf function directly on a user-space pointer when the...
USN-6893-1 linux, linux-azure, linux-gcp, linux-ibm, linux-intel, linux-lowlatency, linux-oem-6.8, linux-raspi vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Several security issues we...
kernel: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NUL...
SUSE CVE-2024-39296
In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 "bonding: remove redundant NULL check in debugfs function". Here are the relevant functions being called: bondingexit bonddestroydebugfs...