PT-2024-33776

Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.10.0-rc2-lizhijian+ Description: A crash occurs during hot-remove of a memory device when a user is accessing the hugetlb, due to dump mapping accessing an invalid dentry.d name.name. The issue arises because dump mappi...

SUSE CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...

The vulnerability of the v9fs_dentry_release() function in the fs/9p/vfs_dentry.c file of the 9p file system of the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the v9fsdentryrelease function in the fs/9p/vfsdentry.c file of the 9p file system in the Linux operating system is related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to increase their privileges...

DEBIAN-CVE-2024-47660

In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...

SUSE CVE-2024-46801

In the Linux kernel, the following vulnerability has been resolved: libfs: fix getstasheddentry getstasheddentry tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereference the stashed location to prevent UAF issues. Use...

DEBIAN-CVE-2024-46801

In the Linux kernel, the following vulnerability has been resolved: libfs: fix getstasheddentry getstasheddentry tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereference the stashed location to prevent UAF issues. Use...

UBUNTU-CVE-2024-46801

In the Linux kernel, the following vulnerability has been resolved: libfs: fix getstasheddentry getstasheddentry tries to optimistically retrieve a stashed dentry from a provided location. It needs to ensure to hold rcu lock before it dereference the stashed location to prevent UAF issues. Use...

ima: Fix use-after-free on a dentry's dname.name

...

exfat: fix potential deadlock on __exfat_get_dentry_set

...

PT-2024-32207 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the get stashed dentry function in the Linux kernel, which tries to optimistically retrieve a stashed dentry from a provided location. To prevent Use-After-Free...

PT-2024-33715

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A dentry leak may occur in the Linux kernel when a lookup cookie and a cull are concurrent. This happens because the reference count obtained by lookup one positive unlocked in cachefiles loo...

SUSE CVE-2024-42315

In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on exfatgetdentryset When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetentryset. The problem is that the bh-array is allocated with GFPKERNEL. It does n...

CVE-2024-42305 ext4: check dot and dotdot of dx_root before making dir indexed

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dxroot before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

CVE-2024-42304 ext4: make sure the first directory block is not a hole

In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. And no errors are reported when creating files in this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a deadlock issue in exfatgetdentryset...

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

CLSA-2024-1722535085 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...

SUSE CVE-2024-39494

In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name -dname.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it -dlock on dentry, -dlock on its parent, -irwsem exclusive on th...

DEBIAN-CVE-2024-39494

In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name -dname.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it -dlock on dentry, -dlock on its parent, -irwsem exclusive on th...

AZL-46994 CVE-2024-39494 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name -dname.name can change on rename and the earlier value can be freed; there are conditions sufficient to stabilize it -dlock on dentry, -dlock on its parent, -irwsem exclusive on th...