21 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed UAF in destroy Dmcache also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is cancelled again in destroy...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increment the refcount. syzkaller identified a race condition where IOMMUFDDESTROY increments the refcount: c obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj...
PT-2025-54064
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the PCI/DOE subsystem related to the destroy work on stack function. This issue occurs when destroy work on stack is called after signaling completion in the...
CVE-2023-53795
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...
SUSE CVE-2025-39932
In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...
CVE-2022-50496 dm cache: Fix UAF in destroy()
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in destroy...
CVE-2022-50496 dm cache: Fix UAF in destroy()
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in destroy...
AZL-75327 CVE-2025-39932 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: let smbddestroy call disableworksync&info-postsendcreditswork In smbddestroy we may destroy the memory so we better wait until postsendcreditswork is no longer pending and will never be started again. I actually just...
kernel: drm/i915/vma: Fix UAF on destroy against retire race
A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...
DEBIAN-CVE-2023-53021
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: fix possible use-after-free syzbot reported a nasty crash 1 in nettxaction which made little sense until we got a repro. This repro installs a taprio qdisc, but providing an invalid TCARATE attribute...
AZL-54642 CVE-2024-53100 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don't access released socket during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the mutexlo...
DEBIAN-CVE-2024-53100
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don't access released socket during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the mutexlo...
CVE-2024-53100 nvme: tcp: avoid race between queue_lock lock and destroy
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don't access released socket during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the mutexlo...
kernel: drm/i915/vma: Fix UAF on destroy against retire race
A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...
DEBIAN-CVE-2024-49943
In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: add missing locking in wedgedfini Any non-wedged queue can have a zero refcount here and can be running concurrently with an async queue destroy, therefore dereferencing the queue ptr to check wedge status after...
kernel: drm/i915/vma: Fix UAF on destroy against retire race
A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...
kernel: drm/i915/vma: Fix UAF on destroy against retire race
A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...
DEBIAN-CVE-2024-42152
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
UBUNTU-CVE-2024-42152
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...
Qualcomm Qualcomm Graphics Resource Management Error Vulnerability
Qualcomm Graphics is a Qualcomm graphics support firmware for use on processors. A resource management error vulnerability exists in Qualcomm Graphics, which arises from a contention between the command commit and destroy contexts that results in invalid contexts being added to the list, and...