74 matches found
DEBIAN-CVE-2023-53231
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as zerofsdecompressqueueendio can be called under rcu lock from blkmqflushpluglist. See the stacktrace 1 In such case we should hand off th...
CVE-2023-53210
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...
DEBIAN-CVE-2023-53210
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...
CVE-2023-53231 erofs: Fix detection of atomic context
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as zerofsdecompressqueueendio can be called under rcu lock from blkmqflushpluglist. See the stacktrace 1 In such case we should hand off th...
CVE-2023-53231 erofs: Fix detection of atomic context
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as zerofsdecompressqueueendio can be called under rcu lock from blkmqflushpluglist. See the stacktrace 1 In such case we should hand off th...
CVE-2023-53210 md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...
CVE-2023-53210 md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...
CVE-2023-53210
CVE-2023-53210 affects Linux kernel md/raid5-cache code: a null pointer dereference can occur in r5l_flush_stripe_to_raid() when io completion is processed after the log end clears the list. The root cause is r5l_log_flush_endio() clearing the list before handling bio cleanup, which can lead to a...
CVE-2023-53210 md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...
SUSE-SU-2025:20436-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 - CVE-2024-50301: security/keys:...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
btrfs: fix use-after-free in btrfs_encoded_read_endio()
...
SUSE CVE-2022-49167
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfslookupbiosums. Turns out the compression path will complete the bio we use if we set up any ...
SUSE CVE-2022-49168
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always run bioendio on the bio if it fails to submit, so cleaning up the bio just leads to a variety of use-after-free and NULL pointer dereference bugs...
CVE-2022-49168
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always run bioendio on the bio if it fails to submit, so cleaning up the bio just leads to a variety of use-after-free and NULL pointer dereference bugs...
DEBIAN-CVE-2022-49168
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always run bioendio on the bio if it fails to submit, so cleaning up the bio just leads to a variety of use-after-free and NULL pointer dereference bugs...
UBUNTU-CVE-2022-49167
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfslookupbiosums. Turns out the compression path will complete the bio we use if we set up any ...
UBUNTU-CVE-2022-49168
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always run bioendio on the bio if it fails to submit, so cleaning up the bio just leads to a variety of use-after-free and NULL pointer dereference bugs...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a use-after-free in btrfsencodedreadendio. Shinichiro reported the following use-after-free that sometimes occurs in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN:...
SUSE CVE-2024-56582
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfsencodedreadendio Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN:...