DEBIAN-CVE-2024-50028

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermalzonegetbyid There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has been returned by...

DEBIAN-CVE-2022-49000

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in hasexternalpci foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the...

CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: st: fix probed platform device ref count on probe error path The probe function never performs any paltform device allocation, thus error path "undoplatformdevalloc" is entirely bogus. It drops the reference count from...

SUSE CVE-2024-43913

In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvmeuninitctrl after a successful nvmeinitctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing th...

CVE-2024-43913

In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvmeuninitctrl after a successful nvmeinitctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing th...

CVE-2024-43913 nvme: apple: fix device reference counting

In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvmeuninitctrl after a successful nvmeinitctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing th...

CVE-2024-43913

In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvmeuninitctrl after a successful nvmeinitctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing th...

CVE-2024-43913 nvme: apple: fix device reference counting

In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvmeuninitctrl after a successful nvmeinitctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doing th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a leak in the ixgbe driver when handling PCI device reference counts...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

gitoxide 安全漏洞

gitoxide is a git implementation written in Rust by the individual developer Sebastian Thiel. A security vulnerability exists in gitoxide prior to version 0.36.0, which can be exploited to write arbitrary data to a device by obtaining a reference that conflicts with an old device name...

CVE-2023-52765

In the Linux kernel, the following vulnerability has been resolved: mfd: qcom-spmi-pmic: Fix revid implementation The Qualcomm SPMI PMIC revid implementation is broken in multiple ways. First, it assumes that just because the sibling base device has been registered that means that it is also boun...

UBUNTU-CVE-2024-26960

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between freeswapandcache and swapoff There was previously a theoretical window where swapoff could run and teardown a swapinfostruct while a call to freeswapandcache was running in another thread. This could...

UBUNTU-CVE-2024-26801

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hcierrorreset While handling the HCIEVHARDWAREERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism would free the hcidev and lead to a use-after-fre...

CVE-2023-52617 PCI: switchtec: Fix stdev_release() crash after surprise hot remove

In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fix stdevrelease crash after surprise hot remove A PCI device hot removal may occur while stdev-cdev is held open. The call to stdevrelease then happens during close or exit, at a point way past switchtecpciremove...

kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswephaslimitsbox pcigetdevice will increase the reference count for the returned 'dev'. We need to call pcidevput to decrease the reference count. Since 'dev' is only used in...

kernel: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()

A reference leak flaw was found in the Linux kernel's Radeon graphics driver in the BIOS retrieval logic. A local user on systems with AMD Radeon graphics hardware can trigger this issue when the driver searches for ACPI firmware tables and exits the search loop with an acquired PCI device...

kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...