47 matches found
CVE-2023-53446 PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...
CVE-2023-53446
CVE-2023-53446 is a Linux kernel issue affecting PCI/ASPM handling for multi-function devices (MFD). The root cause is a use-after-free: pcie_link_state->downstream pointed to the function’s pci_dev and was not cleared when function 0 was removed, leading to dereference during ASPM policy chan...
CVE-2023-53446 PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...
PCI/ASPM: Fix link state exit during switch upstream function removal
...
PT-2025-49033
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel had a synchronization issue related to SR-IOV Single Root I/O Virtualization enabling and disabling. Specifically, the sriov disable function lacked proper locking...
Linux Distros Unpatched Vulnerability : CVE-2025-21883
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries...
DEBIAN-CVE-2022-50053
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...
UBUNTU-CVE-2022-50053
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...
OESA-2025-1464 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the iavf driver not handling VF removal correctly during reboot, which could cause the system to hang...
SUSE CVE-2024-58093
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
CVE-2024-58093
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
UBUNTU-CVE-2024-58093
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
CVE-2024-58093 PCI/ASPM: Fix link state exit during switch upstream function removal
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
CVE-2024-58093
CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...
CVE-2024-58093
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
CVE-2024-58093 PCI/ASPM: Fix link state exit during switch upstream function removal
In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...
SUSE CVE-2025-21883
In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...
DEBIAN-CVE-2025-21883
In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...
CVE-2024-58072
CVE-2024-58072 corresponds to a Linux kernel issue in the rtlwifi subsystem. The fix removes an unused private-data hook (check_buddy_priv) and related data structures that were added to a global private data list. The description states the list and lock were unused and could lead to access of f...