CVE-2024-26703

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

CVE-2024-26703 tracing/timerlat: Move hrtimer_init to timerlat_fd open()

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

kernel: net/sched: sch_taprio: fix possible use-after-free

In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: fix possible use-after-free syzbot reported a nasty crash 1 in nettxaction which made little sense until we got a repro. This repro installs a taprio qdisc, but providing an invalid TCARATE attribute...

Important: kernel

Issue Overview: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. CVE-2023-20569 A use-after-free...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6249-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6249-1 advisory. Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leadi...

OESA-2023-1424 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend...

OESA-2023-1425 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend...

OESA-2023-1423 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend...

DEBIAN-CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...

CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...

CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...

CVE-2023-3389

A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...

SUSE CVE-2007-6712

Integer overflow in the hrtimerforward function hrtimer.c in Linux kernel 2.6.21-rc4, when running on 64-bit systems, allows local users to cause a denial of service infinite loop via a timer with a large expiry value, which causes the timer to always be expired...

SUSE CVE-2016-2549

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access, which allows local users to cause a denial of service deadlock via a crafted ioctl call...

GSD-2023-1000510 futex: Fix futex_waitv() hrtimer debug object leak on kcalloc error

futex: Fix futexwaitv hrtimer debug object leak on kcalloc error This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.17 by commit...

RLSA-2023:0101 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: memory corruption in AX88179178A based USB ethernet device. CVE-2022-2964 kernel: i915: Incorrect GPU TLB flush can lead to random memory access CVE-2022-4139 For more details about the...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel security and bug fix update

4.18.0-372.19.1.0.16.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32...

GSD-2021-1001722 mac80211-hwsim: fix late beacon hrtimer handling

mac80211-hwsim: fix late beacon hrtimer handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.10 by commit...