OESA-2024-2294 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is wrong in case CONFIGIPV6SEG6LWTUNNEL is not defined. In that case if seg6hmacinit fails...

SUSE CVE-2022-49002

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmardevscopeinit foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the...

CVE-2022-48981

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drmgemshmemmmap doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free...

CVE-2022-49002

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmardevscopeinit foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the...

UBUNTU-CVE-2022-49020

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix a potential socket leak in p9socketopen Both p9fdcreatetcp and p9fdcreateunix will call p9socketopen. If the creation of p9transfd fails, p9fdcreatetcp and p9fdcreateunix will return an error directly instead of...

UBUNTU-CVE-2022-49002

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmardevscopeinit foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the...

UBUNTU-CVE-2022-48955

In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: fix memory leak in tbnetopen When tbringallocrx failed in tbnetopen, ida that allocated in tbxdomainallocouthopid is not released. Add tbxdomainreleaseouthopid to the error path to release ida...

CVE-2022-49002 iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmardevscopeinit foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the...

CVE-2022-48998 powerpc/bpf/32: Fix Oops on tail call tests

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf/32: Fix Oops on tail call tests testbpf tail call tests end up as: testbpf: 0 Tail call leaf jited:1 85 PASS testbpf: 1 Tail call 2 jited:1 111 PASS testbpf: 2 Tail call 3 jited:1 145 PASS testbpf: 3 Tail call 4 jited...

CVE-2022-48981 drm/shmem-helper: Remove errant put in error path

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drmgemshmemmmap doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free...

CVE-2022-48981 drm/shmem-helper: Remove errant put in error path

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove errant put in error path drmgemshmemmmap doesn't own this reference, resulting in the GEM object getting prematurely freed leading to a later use-after-free...

CVE-2022-48981

CVE-2022-48981 is a Linux kernel vulnerability related to DRM SHMEM: the error-path handling in drm/shmem-helper and the ownership of references in drm_gem_shmem_mmap() can cause a use-after-free of a GEM object. The root cause is that drm_gem_shmem_mmap() does not own a reference, potentially fr...

CVE-2024-50001 net/mlx5: Fix error path in multi-packet WQE transmit

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under...

SUSE CVE-2024-47693

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ibcachesetupone error flow cleanup When ibcacheupdate return an error, we exit ibcachesetupone instantly with no proper cleanup, even though before this we had already successfully done gidtablesetupone, that results...

CVE-2024-47728

CVE-2024-47728 concerns the Linux kernel where a vulnerability in the BPF subsystem could leak memory due to ARG_PTR_TO_{LONG,INT} arguments on error paths. The resolved description indicates the fix zeros the former ARG_PTR_TO_{LONG,INT} inputs for non-tracing helpers when an error occurs, preve...

CVE-2024-47728 bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper reference to vma in the hugetlb error path...

CVE-2024-46741

...

CVE-2024-46674

...

SUSE CVE-2024-47669

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 "nilfs2: separate wait function from nilfssegctorwrite" was applied, the log writing function nilfssegctordoconstruct was able to issue...