EUVD-2024-53202

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-56554

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freez...

SUSE CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

SUSE CVE-2024-56556

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...

DEBIAN-CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

DEBIAN-CVE-2024-56555

In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped to acquire the node-lock first lock nesting order. This can race...

CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

UBUNTU-CVE-2024-56555

In the Linux kernel, the following vulnerability has been resolved: binder: fix OOB in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped to acquire the node-lock first lock nesting order. This can race...

UBUNTU-CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

UBUNTU-CVE-2024-56556

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...

CVE-2024-56556 binder: fix node UAF in binder_add_freeze_work()

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binderaddfreezework In binderaddfreezework we iterate over the proc-nodes with the proc-innerlock held. However, this lock is temporarily dropped in order to acquire the node-lock first lock nesting order...

CVE-2024-56554 binder: fix freeze UAF in binder_release_work()

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

CVE-2024-56554

CVE-2024-56554: Linux kernel binder use-after-free due to freeze work left queued when cleaning up a binder reference. The issue occurs when a reference is freed while ref->freeze.work remains queued in the process workqueue, triggering KASAN slab-use-after-free in binder_release_work. A patch...

CVE-2024-56554 binder: fix freeze UAF in binder_release_work()

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

PT-2024-36859 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0-07343-ga727812a8d45 Description: The issue arises from a race condition in the binder add freeze work function, where the iteration over proc-nodes can be disrupted by binder deferred release, leading to ...

PT-2024-36858 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0-rc7-00382-gfc6c92196396 Description: A use-after-free issue was discovered in the Linux kernel, specifically in the binder component. This issue occurs when a binder reference is cleaned up, but the...