200 matches found
CVE-2024-46783 tcp_bpf: fix return value of tcp_bpf_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...
PT-2024-32131 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data race issue has been resolved in the Linux kernel's workqueue. The issue occurred when flushing a work item for cancellation, and the flush work function knew it exclusively owne...
CVE-2024-43802
A flaw was found in Vim. This issue may allow a heap-buffer overflow via improper management of the typeahead buffer, leading to crashes when error messages occur in combination with several long mappings. Mitigation Mitigation for this issue is either not available or the currently available...
PT-2024-30742 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a double inode unlock for direct IO sync writes in the btrfs file system. When a direct IO sync write is performed at btrfs sync file, and inode logging needs t...
CVE-2022-48920
In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we trigger a warning from writebackinodessbnr: $ cat fs/fs-writeback.c:...
SUSE CVE-2024-41033
In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...
CVE-2024-41033
In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...
CVE-2024-42109
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nftctxupdate include/net/netfilter/nftables.h:1831 KASAN: slab-uaf in nftcommitrelease net/netfilter/nftablesapi.c:9530...
CVE-2024-42135
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
CVE-2024-42135
In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...
DEBIAN-CVE-2024-41033
In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...
UBUNTU-CVE-2024-41033
In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat is flushing stats, which can sleep, in its RCU read section see 1. This is done in the workingsettestrecent step which checks if the folio's eviction is...
SUSE CVE-2024-40900
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
CVE-2024-40918
In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...
DEBIAN-CVE-2024-40900
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
UBUNTU-CVE-2024-40900
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
CVE-2024-40918 parisc: Try to fix random segmentation faults in package builds
In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Systems with earlier processors are much more...
CVE-2024-40900 cachefiles: remove requests from xarray during flushing requests
In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILESDEAD set, we can still read the requests, so in the following concurrency the request may be used after it has been freed: mount | daemonthread1...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit smealloc early when there is existing storage. When smealloc is called with existing storage and we do not flush it, we will always allocate new storage, resulting in the loss of the existing storage and...
ROS-20240625-04
A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the registervfs function hw/pci/pciesriov.c of the QEMU hardware emulator is related to a buffer overflo...