CVE-2024-46698 video/aperture: optionally match the device in sysfb_disable()

In the Linux kernel, the following vulnerability has been resolved: video/aperture: optionally match the device in sysfbdisable In apertureremoveconflictingpcidevices, we currently only call sysfbdisable on vga class devices. This leads to the following problem when the pimary device is not VGA...

SUSE CVE-2024-44989

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

AZL-48765 CVE-2024-44989 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

UBUNTU-CVE-2024-44989

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

UBUNTU-CVE-2024-42089

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl-asoc-card: set priv-pdev before using it priv-pdev pointer was set after being used in fslasoccardaudmuxinit. Move this assignment at the start of the probe function, so sub-functions can correctly use pdev through priv...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the priv-pdev pointer being set after use in the fslasoccardaudmuxinit function...

kernel: nfsd: call op_release, even when op_func returns an error

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

CVE-2019-14088

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ800...

Double free

NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053...