79 matches found
SUSE-SU-2024:3375-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2023-52846: Prevent use after free in prpcreatetaggedframe bsc1225099. - CVE-2022-48662: Fixed a general protection fault GPF in i915perfopenioctl bsc1223521. - CVE-2024-3581...
SUSE-SU-2024:3368-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2023-52846: Prevent use after free in prpcreatetaggedframe bsc1225099. - CVE-2022-48662: Fixed a general protection fault GPF in i915perfopenioctl bsc1223521. - CVE-2024-3581...
CVE-2022-48921
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweightentity Syzbot found a GPF in reweightentity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix schedfork access an invalid schedtaskgroup" There is a race between schedpostfork and...
CVE-2022-48921
Summary of CVE-2022-48921 : In the Linux kernel, a race between sched_post_fork() and setpriority(PRIO_PGRP) for a thread group can trigger a NULL pointer dereference in reweight_entity() (part of CFS). The scenario: a main process spawns multiple new threads that then call setpriority, while sch...
CVE-2023-52752
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow Skip SMB sessions that are being teared down e.g. @ses-sesstatus == SESEXITING in cifsdebugdataprocshow to avoid use-after-free in @ses. This fixes the following GPF wh...
CVE-2021-47340
A vulnerability was found in the Linux kernel's JFS, where the diFree function could access an invalid pointer. This occurs if a certain inode structure has a null pointer, potentially leading to system crashes or unexpected behavior when the kernel tries to manage file system metadata. Mitigatio...
CVE-2021-47482 net: batman-adv: fix error handling
In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadvncmeshfree. The problem was in wrong error handling in batadvmeshinit. Before this patch batadvmeshinit was calling batadvmeshfree in case of any...
CVE-2023-52752
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow Skip SMB sessions that are being teared down e.g. @ses-sesstatus == SESEXITING in cifsdebugdataprocshow to avoid use-after-free in @ses. This fixes the following GPF wh...
CVE-2023-52752 smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifsdebugdataprocshow Skip SMB sessions that are being teared down e.g. @ses-sesstatus == SESEXITING in cifsdebugdataprocshow to avoid use-after-free in @ses. This fixes the following GPF wh...
CVE-2023-52752
CVE-2023-52752 (Linux kernel) is backed by concrete fix details in connected docs: a use-after-free in the SMB/CIFS client code path (cifs_debug_data_proc_show) when reading /proc/fs/cifs/DebugData during mount/umount. The fix adds a check to skip SMB sessions that are tearing down (ses_status ==...
CVE-2021-47340
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2021-47340
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2021-47340
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2021-47340
CVE-2021-47340 is a Linux kernel vulnerability in the JFS subsystem. The issue arises when diFree() processes an inode without a valid ipimap, causing a NULL dereference via JFS_IP(ipimap) and leading to a GFP-related fault. The fix prevents passing an inode with IPIMAP == NULL to diFree, avoidin...
CVE-2021-47340 jfs: fix GPF in diFree
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2021-47340 jfs: fix GPF in diFree
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2021-47340
In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFSSBIinode-isb-ipimap == NULL to diFree1. GFP will appear: struct inode ipimap = JFSSBIip-isb-ipimap; struct inomap imap = JFSIPipimap-iimap; JFSIP will return invalid pointer when...
CVE-2022-48662
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915gemcontext.link under ref protection i915perf assumes that it can use the i915gemcontext reference to protect its i915-gem.contexts.list iteration. However, this requires that we do not remove the...
CVE-2022-48662
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915gemcontext.link under ref protection i915perf assumes that it can use the i915gemcontext reference to protect its i915-gem.contexts.list iteration. However, this requires that we do not remove the...
CVE-2022-48662
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915gemcontext.link under ref protection i915perf assumes that it can use the i915gemcontext reference to protect its i915-gem.contexts.list iteration. However, this requires that we do not remove the...