70 matches found
CVE-2024-45027
The CVE-2024-45027 issue affects the Linux kernel XHCI driver: if xhci_mem_init() fails after max_interrupters is set but before interrupters are allocated, xhci_mem_cleanup() can unconditionally dereference xhci->interrupters. The documented fix gates the interrupt freeing loop with a NULL ch...
CVE-2024-43856
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...
CVE-2024-43856
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...
CVE-2024-43856
CVE-2024-43856 : Linux kernel vulnerability in dmam_free_coherent() where freeing a DMA allocation could race with concurrent allocations to the same vaddr, causing two devres entries to share the same vaddr and possibly free the wrong one. The fix is to destroy the devres entry before freeing th...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2024:2896-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...
UBUNTU-CVE-2024-40923
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...
CVE-2024-40979 wifi: ath12k: fix kernel crash during resume
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix kernel crash during resume Currently during resume, QMI target memory is not properly handled, resulting in kernel crash in case DMA remap is not supported: BUG: Bad page state in process kworker/u16:54 pfn:36e8...
CVE-2024-40979
CVE-2024-40979 describes a Linux kernel issue in the ath12k QMI memory handling during resume. When the module loads, firmware requests large memory segments; if DMA remap is not supported, initial allocations fail and a second attempt uses small segments that succeed. On resume, the driver again...
CVE-2024-40923 vmxnet3: disable rx data ring on dma allocation failure
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...
CVE-2024-40923 vmxnet3: disable rx data ring on dma allocation failure
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...
SUSE CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994
A vulnerability was found in the Qualcomm firmware driver qcomqseecomuefisecapp in the Linux kernel. It arises from incorrect memory allocation for request and response buffers in the QSEECOM APPSEND command. The driver expects both buffers to be in a single memory region, but they are allocated...
DEBIAN-CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994 firmware: qcom: uefisecapp: Fix memory related IO errors and crashes
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
CVE-2024-35994
CVE-2024-35994 (Linux kernel, qcom uefisecapp): The vulnerability stems from memory handling in QSEECOM app calls where APP_SEND buffers for request and response were treated as separate regions. The root cause was two consecutive kzalloc() allocations that could yield adjacent memory, causing un...
DEBIAN-CVE-2024-26839
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...
CVE-2024-26839 IB/hfi1: Fix a memleak in init_credit_return
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...
SUSE CVE-2017-9725
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail...
SUSE CVE-2018-5332
In the Linux kernel through 3.2, the rdsmessageallocsgs function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write related to the rdsrdmaextrasize function in net/rds/rdma.c...