CVE-2024-53064

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

DEBIAN-CVE-2024-53073

In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pendingasynccopies on error The error flow in nfsd4copy calls cleanupasynccopy, which already decrements nn-pendingasynccopies...

CVE-2024-53044

In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...

CVE-2024-53076 iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table()

In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks for the error path of iiogtsbuildavailscaletable If pertimescalesi or pertimegainsi kcalloc fails in the for loop of iiogtsbuildavailscaletable, the errfreeout will fail to call kfree each time...

CVE-2024-53064

CVE-2024-53064 is a Linux kernel issue in the idpf/vc_core mailbox path. During a reboot-retry sequence, the mailbox workqueue may still run after resources are freed, leading to a NULL pointer dereference when the released control queue is accessed. The fix unrolls the workqueue cancellation and...

CVE-2024-53044 net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext()

In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...

CVE-2024-50280

CVE-2024-50280 : In the Linux kernel, the dm cache feature was fixed to avoid warning in flush_work() when cache creation fails due to destroying an uninitialized delayed_work waker. Root cause: cancel_delayed_work_sync() remained in the error path of cache_create(), risking a WARN_ON in certain ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the idpfvccoreinit error path. No details of the vulnerability are provided at this time...

CLSA-2024-1731603213 Fix of 76 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...

CLSA-2024-1731602566 Fix of 76 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...

kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...

CVE-2024-50001

...

SUSE CVE-2024-50215

In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dhkey to NULL after kfreesensitive ctrl-dhkey might be used across multiple calls to nvmetsetupdhgroup for the same controller. So it's better to nullify it after release on error path in order to avoid double...

CVE-2024-50197

In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in deviceforeachchildnode The deviceforeachchildnode loop requires calls to fwnodehandleput upon early returns to decrement the refcount of the child node and avoid leaking memory if that...

CVE-2024-50197

CVE-2024-50197 : In the Linux kernel, the pinctrl: intel: platform path fixes a memory leak in the device_for_each_child_node() error path. The bug occurred because there was an early return in intel_platform_pinctrl_prepare_community() where fwnode_handle_put() was not called to drop a reference...

CVE-2024-50197 pinctrl: intel: platform: fix error path in device_for_each_child_node()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in deviceforeachchildnode The deviceforeachchildnode loop requires calls to fwnodehandleput upon early returns to decrement the refcount of the child node and avoid leaking memory if that...

CVE-2024-50197

In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in deviceforeachchildnode The deviceforeachchildnode loop requires calls to fwnodehandleput upon early returns to decrement the refcount of the child node and avoid leaking memory if that...

DEBIAN-CVE-2024-50144

In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put with fencefini Currently we can call fencefini twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fence and return an error, leading to the caller also...

DEBIAN-CVE-2024-50088

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in addinoderef The addinoderef function does not initialize the "name" struct when it is declared. If any of the following calls to "readoneinode returns NULL, dir = readoneinoderoot,...

UBUNTU-CVE-2024-50088

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free in addinoderef The addinoderef function does not initialize the "name" struct when it is declared. If any of the following calls to "readoneinode returns NULL, dir = readoneinoderoot,...