35 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fixed a race condition during abort for file descriptors The fput function does not call the fileoperations::release function synchronously. Instead, it places the file in a work queue, and it will eventually be released...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, the handshakereqdestroytest1 test started failing: The expected value of handshakereqdestroytest should be req, but the actual value is 0000000000000000. The correct value...
SUSE CVE-2026-31654
In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...
EUVD-2025-34606
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput doesn't actually call fileoperations release synchronously, it puts the file on a work queue and it will be released eventually. This is normally fine, except for iommufd t...
CVE-2025-39966
CVE-2025-39966 (Linux kernel, iommufd) : A race during abort for file descriptors could cause a use-after-free when the object is freed while a file’s private_data references it. The bug arises because fput() defers release() to a workqueue; ifAbort allocation fails before installing the file, th...
Linux Distros Unpatched Vulnerability : CVE-2024-26831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, handshakereqdestroytest1 started...
SUSE CVE-2023-2236
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Both ioinstallfixedfile and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend...
CVE-2024-56624
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix outfput in iommufdfaultalloc As fput calls the file-fop-release op, where fault obj and ictx are getting released, there is no need to release these two after fput one more time, which would result in imbalanced...
DEBIAN-CVE-2024-56624
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix outfput in iommufdfaultalloc As fput calls the file-fop-release op, where fault obj and ictx are getting released, there is no need to release these two after fput one more time, which would result in imbalanced...
CVE-2022-49018 mptcp: fix sleep in atomic at close time
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...
SUSE CVE-2022-48821
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput on failed usercopy If the copy back to userland fails for the FASTRPCIOCTLALLOCDMABUFF ioctl, we shouldn't assume that 'buf-dmabuf' is still valid. In fact, dmabuffd called fdinstall before, i.e...
UBUNTU-CVE-2022-48821
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput on failed usercopy If the copy back to userland fails for the FASTRPCIOCTLALLOCDMABUFF ioctl, we shouldn't assume that 'buf-dmabuf' is still valid. In fact, dmabuffd called fdinstall before, i.e...
CVE-2022-48821 misc: fastrpc: avoid double fput() on failed usercopy
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput on failed usercopy If the copy back to userland fails for the FASTRPCIOCTLALLOCDMABUFF ioctl, we shouldn't assume that 'buf-dmabuf' is still valid. In fact, dmabuffd called fdinstall before, i.e...
CVE-2023-52707 sched/psi: Fix use-after-free in ep_remove_wait_queue()
In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in epremovewaitqueue If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueue gets freed in the...
CVE-2024-26831
CVE-2024-26831 : Linux kernel vulnerability affecting the handshake path in net/handshake, where the test handshake_req_destroy_test1 failed due to replacing sock_release(sock) with fput(filp). This change delayed final close/cleanup, risking that hp_destroy might not be invoked before the test c...
CVE-2024-26831 net/handshake: Fix handshake_req_destroy_test1
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, handshakereqdestroytest1 started failing: Expected handshakereqdestroytest == req, but handshakereqdestroytest == 0000000000000000 req == 0000000060f99b40 not ok 11 reqdestroy...
SUSE CVE-2008-5029
The scmdestroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service panic via vectors related to sending an SCMRIGHTS message through a UNIX...
PT-2022-7350 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0 Description: The issue is related to an improper update of reference count in io uring, leading to Use-After-Free and Local Privilege Escalation. When io msg ring is invoked with a fixed file, it calls io fp...
GSD-2022-1000424 misc: fastrpc: avoid double fput() on failed usercopy
misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
GSD-2022-1000364 misc: fastrpc: avoid double fput() on failed usercopy
misc: fastrpc: avoid double fput on failed usercopy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...