ROS-20260113-7377

A vulnerability in the flushwork function of the dm - cache component drivers/md/dm-cache-target.c of the Linux kernel is related to memory usage after it is freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2024-50280

CVE-2024-50280 : In the Linux kernel, the dm cache feature was fixed to avoid warning in flush_work() when cache creation fails due to destroying an uninitialized delayed_work waker. Root cause: cancel_delayed_work_sync() remained in the error path of cache_create(), risking a WARN_ON in certain ...

CVE-2024-50280 dm cache: fix flushing uninitialized delayed_work on cache_ctr error

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayedwork on cachectr error An unexpected WARNON from flushwork may occur when cache creation fails, caused by destroying the uninitialized delayedwork waker in the error path of cachecreate...

CVE-2024-50025

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...

CVE-2024-50025 scsi: fnic: Move flush_work initialization out of if block

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...

CVE-2024-50025

CVE-2024-50025 affects the Linux kernel, specifically the scsi fnic driver. Root cause: in a patch, flush_work initialization was moved into a conditional block, risking dispatching a work item on an uninitialized work queue. Impact: this could cause the queued work to not be processed, which may...

SUSE CVE-2024-46704

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix spruious data race in flushwork When flushing a work item for cancellation, flushwork knows that it exclusively owns the work item through its PENDING bit. 134874e2eee9 "workqueue: Allow cancelworksync and...

DEBIAN-CVE-2024-46704

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix spruious data race in flushwork When flushing a work item for cancellation, flushwork knows that it exclusively owns the work item through its PENDING bit. 134874e2eee9 "workqueue: Allow cancelworksync and...

CVE-2024-46704

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix spruious data race in flushwork When flushing a work item for cancellation, flushwork knows that it exclusively owns the work item through its PENDING bit. 134874e2eee9 "workqueue: Allow cancelworksync and...

CVE-2024-44934

CVE-2024-44934 — Linux kernel net: bridge: mcast: wait for previous gc cycles when removing port . Syzkaller triggered a use-after-free during port removal because old multicast garbage collection cycles may still be running when a port is freed. The fix is to ensure all prior garbage-collection ...

CVE-2023-52629

CVE-2023-52629 – Linux kernel use-after-free fixed Root cause: in switch_drv_remove(), the worker (flush_work) could be rescheduled by switch_timer, causing a use-after-free when the code frees psw after timer or worker cleanup. Consequence: a potentially exploitable use-after-free condition with...