19 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: octeontx2-pf: The use of GFPKERNEL in an atomic context on RT was fixed. The commit 4af1b64f80fb “octeontx2-pf: Fixed the lmtst ID used in aurafree” uses get/putcpu to protect the usage of the percpu pointer in the -aurafreept...
CVE-2022-50699
The CVE-2022-50699 issue affects the Linux kernel SELinux path convert_context(), where GFP_KERNEL allocations inside a critical section could sleep in atomic context, leading to a BUG in __might_sleep and potentially destabilizing the running process. The root cause is a misuse of GFP flags acro...
EUVD-2023-59691
Malicious code in bioql PyPI...
EUVD-2023-59690
Malicious code in bioql PyPI...
CVE-2023-53030
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFPKERNEL in atomic context Using GFPKERNEL in preemption disable context, causing below warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: sleeping function called from invalid context at...
CVE-2023-53029
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb "octeontx2-pf: Fix lmtst ID used in aura free" uses the get/putcpu to protect the usage of percpu pointer in -aurafreeptr callback, but it als...
CVE-2023-53029 octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb "octeontx2-pf: Fix lmtst ID used in aura free" uses the get/putcpu to protect the usage of percpu pointer in -aurafreeptr callback, but it als...
CVE-2023-53030 octeontx2-pf: Avoid use of GFP_KERNEL in atomic context
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFPKERNEL in atomic context Using GFPKERNEL in preemption disable context, causing below warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: sleeping function called from invalid context at...
CVE-2023-53030
CVE-2023-53030 affects the Linux kernel in octeontx2-pf where GFP_KERNEL was used in a context with preemption disabled, triggering a warning (CONFIG_DEBUG_ATOMIC_SLEEP) and potential sleeping in atomic context. The issue is resolved by avoiding GFP_KERNEL in atomic contexts and disabling preempt...
CVE-2023-53029
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb "octeontx2-pf: Fix lmtst ID used in aura free" uses the get/putcpu to protect the usage of percpu pointer in -aurafreeptr callback, but it als...
CVE-2023-53030 octeontx2-pf: Avoid use of GFP_KERNEL in atomic context
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFPKERNEL in atomic context Using GFPKERNEL in preemption disable context, causing below warning when CONFIGDEBUGATOMICSLEEP is enabled. 32.542271 BUG: sleeping function called from invalid context at...
CVE-2025-21759 ipv6: mcast: extend RCU protection in igmp6_send()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...
CVE-2024-50065
Technical details for CVE-2024-50065 are not provided in the connected documents. Monitor for updates.
CVE-2024-42235
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add NULL pointer check to crsttablefree basecrstfree crsttablefree used to work with NULL pointers before the conversion to ptdescs. Since crsttablefree can be called with a NULL pointer error handling in crsttableupgrad...
CVE-2024-42235
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add NULL pointer check to crsttablefree basecrstfree crsttablefree used to work with NULL pointers before the conversion to ptdescs. Since crsttablefree can be called with a NULL pointer error handling in crsttableupgrad...
CVE-2024-42235 s390/mm: Add NULL pointer check to crst_table_free() base_crst_free()
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add NULL pointer check to crsttablefree basecrstfree crsttablefree used to work with NULL pointers before the conversion to ptdescs. Since crsttablefree can be called with a NULL pointer error handling in crsttableupgrad...
CVE-2021-47582
In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...
CVE-2021-47582
CVE-2021-47582 affects the Linux kernel USB core (USBDEVFS_CONTROL/USBDEVFS_BULK) where usb_start_wait_urb() can wait uninterruptibly for a very large timeout. The fix changes do_proc_control() and do_proc_bulk() to use a killable wait and GFP_KERNEL instead of GFP_NOIO. Connected advisories (Mir...
GSD-2023-1001659 octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt
octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...