DEBIAN-CVE-2024-41096

In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Fix UAF in msicapabilityinit KFENCE reports the following UAF: BUG: KFENCE: use-after-free read in pcienablemsirange+0x2c0/0x488 Use-after-free read at 0x0000000024629571 in kfence-12: pcienablemsirange+0x2c0/0x488...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a callback function that releases madev when an auxiliary device addition fails and calls auxiliary device...

CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

UBUNTU-CVE-2024-31143

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

CVE-2024-31143 double unlock in x86 guest IRQ handling

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

CVE-2024-31143

CVE-2024-31143 concerns the PCI MSI Multiple Message feature. In Xen’s handling of multiple consecutive interrupt vectors, an error path may release a lock even when it is not held, which is the root cause described in the initial document. The vulnerability affects environments using PCI MSI wit...

CVE-2024-31143 double unlock in x86 guest IRQ handling

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

Xen: double unlock in x86 guest IRQ handling (XSA-458)

An optional feature of PCI MSI called 'Multiple Message' allows a device to use multiple consecutive interrupt vectors. Unlike for MSI-X, the setting up of these consecutive vectors needs to happen all in one go. In this handling an error path could be taken in different situations, with or witho...

SUSE CVE-2022-48778

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

DEBIAN-CVE-2022-48778

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

CVE-2022-48778

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

UBUNTU-CVE-2022-48778

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

DEBIAN-CVE-2024-40985

In the Linux kernel, the following vulnerability has been resolved: net/tcpao: Don't leak aoinfo on error-path It seems I introduced it together with TCPAOCMDFAOREQUIRED, on version 5 1 of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov...

DEBIAN-CVE-2024-40903

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix use-after-free case in tcpmregistersourcecaps There could be a potential use-after-free case in tcpmregistersourcecaps. This could happen when: new say invalid source caps are advertised the existing source...

UBUNTU-CVE-2024-40985

In the Linux kernel, the following vulnerability has been resolved: net/tcpao: Don't leak aoinfo on error-path It seems I introduced it together with TCPAOCMDFAOREQUIRED, on version 5 1 of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov...

PT-2024-29193 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version that includes the fix for the issue introduced in version 5 of TCP-AO patches Description: The issue is related to a leak of ao info on the error path in the net/tcp ao component of the Linux kernel...

UBUNTU-CVE-2024-39491

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of csdsp instance The csdsp instance is initialized in the driver probe so it should be freed in the driver remove. Also fix a missing call to csdspremove in the error path of cs35l56hdacommonprob...

kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...

kernel: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass actlen in usbbulkmsg error path syzbot reported that actlen in kalmiasendinitpacket is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it ...