26 matches found
CVE-2024-47731
CVE-2024-47731 affects the Linux kernel driver path: drivers/perf, specifically the ali_drw_pmu/ Alibaba uncore PMU handling. The vulnerability arises because the alibaba_uncore_pmu driver did not clear all interrupt statuses in its interrupt processing function, so after a PMU counter overflow a...
CVE-2024-47731 drivers/perf: Fix ali_drw_pmu driver interrupt status clearing
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fix alidrwpmu driver interrupt status clearing The alibabauncorepmu driver forgot to clear all interrupt status in the interrupt processing function. After the PMU counter overflow interrupt occurred, an interrupt...
CVE-2024-47731 drivers/perf: Fix ali_drw_pmu driver interrupt status clearing
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fix alidrwpmu driver interrupt status clearing The alibabauncorepmu driver forgot to clear all interrupt status in the interrupt processing function. After the PMU counter overflow interrupt occurred, an interrupt...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the alidrwpmu driver in the drivers/perf module not clearing its state when handling interrupts, which could...
SUSE-SU-2024:2571-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39371: iouring: check for non-NULL file pointer in iofilecanpoll bsc1226990. - CVE-2023-52846: hsr: Prevent use after free in prpcreatetaggedframe bsc122509...
CVE-2024-38568
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...
CVE-2024-38603
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devmaddactionorreset pciallocirqvectors allocates an irq vector. When devmaddaction fails, the irq vector is not freed, which leads to a memory leak. Replace the devmaddaction with...
CVE-2024-38603
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devmaddactionorreset pciallocirqvectors allocates an irq vector. When devmaddaction fails, the irq vector is not freed, which leads to a memory leak. Replace the devmaddaction with...
CVE-2024-38569
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...
CVE-2024-38568
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...
CVE-2024-38603 drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devmaddactionorreset pciallocirqvectors allocates an irq vector. When devmaddaction fails, the irq vector is not freed, which leads to a memory leak. Replace the devmaddaction with...
CVE-2024-38603 drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devmaddactionorreset pciallocirqvectors allocates an irq vector. When devmaddaction fails, the irq vector is not freed, which leads to a memory leak. Replace the devmaddaction with...
CVE-2024-38603
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Actually use devmaddactionorreset pciallocirqvectors allocates an irq vector. When devmaddaction fails, the irq vector is not freed, which leads to a memory leak. Replace the devmaddaction with...
CVE-2024-38603
Mode C CVE-2024-38603 (Linux kernel) affects drivers/perf: hisi: hns3. Root cause: pci_alloc_irq_vectors() allocates an irq vector; if devm_add_action() fails, the irq vector is not freed, causing a memory leak. Fix: replace devm_add_action() with devm_add_action_or_reset() so the irq vector can ...
CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in drivers/perf hisi hns3...
CVE-2023-52839
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not broadcast to other cpus when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 gives rise to this kernel warning: 444.364395...
CVE-2023-52797
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check findfirstbit return value We must check the return value of findfirstbit before using the return value as an index array since it happens to overflow the array and then panic: 107.318430 Kernel BUG 1 107.3194...
CVE-2023-52860
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When tearing down a 'hisihns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregistered, leading to fireworks...
CVE-2023-52797
In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check findfirstbit return value We must check the return value of findfirstbit before using the return value as an index array since it happens to overflow the array and then panic: 107.318430 Kernel BUG 1 107.3194...