CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

CLSA-2023-1695901231 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide archcpufinalizeinit - x86/cpu: Switch to archcpufinalizeinit - init: Remo...

AZL-28790 CVE-2023-3301 affecting package qemu for versions less than 6.2.0-23

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

qemu-kvm security and bug fix update

7.2.0-14.el92.5 - rhel guest failed boot with multi disks on error Failed to start udev Wait for Complete Device Initialization - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service - hotplug/hotunplug mlx vdpa device to the...

ALSA-2023:5094 Important: qemu-kvm security and bug fix update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote...

kernel: scsi: qla2xxx: Fix crash when I/O abort times out

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0 qla2xxx...

kernel: scsi: qla2xxx: Fix crash when I/O abort times out

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0 qla2xxx...

kernel: powerpc/memhotplug: Add add_pages override for PPC

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...

K52401347: Linux kernel vulnerability CVE-2021-28972

Security Advisory Description In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly...

SUSE CVE-2012-2121

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service memory leak and host OS crash by leveraging administrative access to the guest OS to conduct hotunplug an...

SUSE CVE-2012-5517

The onlinepages function in mm/memoryhotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator...

SUSE CVE-2014-3471

Use-after-free vulnerability in hw/pci/pcie.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU instance crash via hotplug and hotunplug operations of Virtio block devices...

SUSE CVE-2014-5388

Off-by-one error in the pciread function in the ACPI PCI hotplug interface hw/acpi/pcihp.c in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption...

SUSE CVE-2016-9923

Quick Emulator Qemu built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS...

SUSE CVE-2017-15594

An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service hypervisor crash or gain privileges because IDT settings are mishandled during CPU hotplugging...

SUSE CVE-2019-19067

Four memory leaks in the acphwinit function in drivers/gpu/drm/amd/amdgpu/amdgpuacp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory consumption by triggering mfdaddhotplugdevices or pmgenpdadddevice failures, aka CID-57be09c6e874. NOTE: third parties dispute...

SUSE CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

SUSE CVE-2021-28972

In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...