48 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/hns module accessing an invalid dipctx pointer when destroying a QP. This could lead to a system...
kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
...
SUSE-SU-2024:3027-1 Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122194 fixes one issue. The following security issue was fixed: - CVE-2021-47378: Fixed use-after-free by destroying cm id before destroying qp bsc1225202...
SUSE-SU-2024:3023-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024166 fixes several issues. The following security issues were fixed: - CVE-2021-47402: Fixed use-after-free in flwalk bsc1225301 - CVE-2021-47378: Fixed use-after-free by destroying cm id before destroying qp bsc1225202...
CVE-2024-44932
In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...
CVE-2024-44932 idpf: fix UAFs when destroying the queues
In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...
CVE-2024-44932 idpf: fix UAFs when destroying the queues
In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...
CVE-2022-48914
In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on info-netdev-realnumtxqueues to delete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 "net-sysfs: update the queue counts in the...
CVE-2024-42285
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
DEBIAN-CVE-2024-42285
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
AZL-47825 CVE-2024-42285 affecting package kernel for versions less than 6.6.47.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
UBUNTU-CVE-2024-42285
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
CVE-2024-42285 RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs iwconnreqhandler associates a new struct rdmaidprivate connid with an existing struct iwcmid cmid as follows: connid-cmid.iw = cmid; cmid-context = connid; cmid-cmhandl...
CVE-2024-42285
The CVE-2024-42285 entry affects the Linux kernel’s RDMA/iwcm code and describes a use-after-free when destroying CM IDs. The issue originates from how iw_conn_req_handler() associates a new rdma_id_private (conn_id) with an existing iw_cm_id (cm_id): conn_id->cm_id.iw = cm_id; cm_id->conte...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the nvmet module when destroying controllers, if during qp creation, there may be a small window that...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a contention condition issue with the netfilter:ipset component when destroying all sets...
DEBIAN-CVE-2021-47379
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
CVE-2023-33876
A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. ...
PT-2023-3891 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 12.1.2.15332 Description: A use-after-free vulnerability exists in the way Foxit Reader handles destroying annotations. Specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously...