GSD-2023-1001520 perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()

perf: armdsu: Fix hotplug callback leak in dsupmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001225 perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()

perf: armdsu: Fix hotplug callback leak in dsupmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001224 perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()

perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001223 perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000853 drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init()

drivers: perf: marvellcn10k: Fix hotplug callback leak in tadpmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000852 perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()

perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000851 perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

PT-2023-33739 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to the removal of cpuhp instance nodes before removing cpuhp states in the coresight trbe component. The actual impact and attack plausibility have not yet been proven...

PT-2023-33929 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a hotplug callback leak in the dmc620 pmu init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel version...

PT-2023-33928 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a hotplug callback leak in the arm smmu pmu init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

PT-2023-34300 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to a hotplug callback leak in the arm smmu pmu init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

GHSA-QV98-3369-G364 KubeVirt vulnerable to arbitrary file read on host

Impact Users with the permission to create VMIs can construct VMI specs which allow them to read arbitrary files on the host. There are three main attack vectors: 1. Some path fields on the VMI spec were not properly validated and allowed passing in relative paths which would have been mounted in...

Ubuntu: Security Advisory (USN-5299-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2022-2200)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driv...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.515.3.el7 - uek-rpm: Enable Pensando EMMC reset controller Thomas Tai Orabug: 34325721 - mfd: pensandoelbasr: Add Pensando Elba System Resource Chip Brad Larson Orabug: 34325721 - dsc-drivers: update drivers for 1.15.9-C-65 Shannon Nelson Orabug: 34325721 4.14.35-2047.515.2.el7 -...

[Important] [Security] Virtuozzo ReadyKernel patch 143.0 for Virtuozzo Hybrid Server 7.0, 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.x. Vulnerability id: CVE-2022-1966 3.10.0-1127.8.2.vz7.158.8 to 3.10.0-1160.53.1.vz7.185.3 The bug allows to initialize a non-stateful lookup...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1780)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant...

kernel: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

A resource-handling flaw was found in the Linux kernel performance monitoring driver for ARM System Memory Management Unit version 3 in the way hotplug callbacks are registered during driver initialization. If driver registration fails, previously added CPU hotplug callbacks are not removed,...

PT-2025-41015

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s perf/smmuv3 component related to a hotplug callback leak within the arm smmu pmu init function. Specifically, the function fails to remove a callback...