CVE-2025-39721 crypto: qat - flush misc workqueue during device shutdown

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat4xxx, in a tight loop can lead to a crash due to a use-after-free scenario. This occurs when...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-46925: Fixed kernel panic caused by race of smcsock bsc1220466. CVE-2021-47645: media: staging: media: zoran: calculate the right buffer number for...

DEBIAN-CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

CVE-2022-49059 nfc: nci: add flush_workqueue to prevent uaf

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

CVE-2024-56780

In the Linux kernel, the following vulnerability has been resolved: quota: flush quotareleasework upon quota writeback One of the paths quota writeback is called from is: freezesuper syncfilesystem ext4syncfs dquotwritebackdquots Since we currently don't always flush the quotareleasework queue in...

CVE-2024-56780 quota: flush quota_release_work upon quota writeback

In the Linux kernel, the following vulnerability has been resolved: quota: flush quotareleasework upon quota writeback One of the paths quota writeback is called from is: freezesuper syncfilesystem ext4syncfs dquotwritebackdquots Since we currently don't always flush the quotareleasework queue in...

AZL-50949 CVE-2024-47696 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a dependency checking issue in the RDMA/iwcm component during a flushworkqueue call...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a deadlock issue in the flushworkqueuesystemlongwq call...

kernel: ACPI: EC: Fix oops when removing custom query handlers

A flaw was found in the Linux kernel's ACPI Embedded Controller EC subsystem. When removing custom query handlers, a kernel oops can occur if the handler is still being executed in the EC query workqueue while the module containing the callback function is being unloaded. The fix ensures the...

SUSE CVE-2022-48658

In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...

UBUNTU-CVE-2024-26846

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

CVE-2024-26846 nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

SUSE CVE-2021-46981

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

DEBIAN-CVE-2021-46981

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

UBUNTU-CVE-2021-46981

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: nbd: Fix NULL pointer in flushworkqueue Open /dev/nbdX first, the configrefs will be 1 and the pointers in nbddevice are still null. Disconnect /dev/nbdX, then reference a null recvworkq. The protection by configrefs in...

GSD-2022-1002465 nfc: nci: add flush_workqueue to prevent uaf

nfc: nci: add flushworkqueue to prevent uaf This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.311 by commit...