52 matches found
SUSE CVE-2024-42135
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
AZL-54098 CVE-2024-42135 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
DEBIAN-CVE-2024-42135
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
UBUNTU-CVE-2024-42135
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
CVE-2024-42135
CVE-2024-42135 concerns the Linux kernel vhost_task handling of SIGKILL. The connected sources confirm a concrete fix: when a SIGKILL is issued, the kernel now (1) marks the worker as killed to prevent new virtqueue usage and new flush operations, (2) fixes the virtqueue-to-worker mapping to stop...
kernel: md/raid5-cache: fix a deadlock in r5l_exit_log()
A deadlock vulnerability was found in the md RAID5 cache r5l subsystem in the Linux kernel. In r5lexitlog, flushwork is called while holding reconfigmutex, which waits for disablewritebackwork to complete. However, r5cdisablewritebackasync calls waitevent which requires conf-log to be NULL, but...
kernel: md/raid5-cache: fix a deadlock in r5l_exit_log()
A deadlock vulnerability was found in the md RAID5 cache r5l subsystem in the Linux kernel. In r5lexitlog, flushwork is called while holding reconfigmutex, which waits for disablewritebackwork to complete. However, r5cdisablewritebackasync calls waitevent which requires conf-log to be NULL, but...
DEBIAN-CVE-2023-52629
In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts flushwork before timershutdownsync in switchdrvremove. Although we use flushwork to stop the worker, it could be rescheduled in...
PT-2023-9370 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5.3 Description: The issue is related to a use-after-free bug in the Linux kernel. This bug occurs because the original code puts flush work before timer shutdown sync in switch drv remove, allowing the worker...
PT-2024-11849 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.8-1-default Description: A crash in the slcan driver occurs due to a freed work crash. The LTP test pty03 causes this crash, resulting in a kernel NULL pointer dereference. The issue arises when the slcan's ...
GSD-2022-1002843 rcu-tasks: Fix race in schedule and flush work
rcu-tasks: Fix race in schedule and flush work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
PT-2021-8083 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the incorrect initialization of dev-work after calling input register device in the appletouch component of the Linux kernel. This may cause a warning in flush...