AZL-40565 CVE-2024-27396 affecting package hyperv-daemons for versions less than 6.6.35.1-1

In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtpdellink Since callrcu, which is called in the hlistforeachentryrcu traversal of gtpdellink, is not part of the RCU read critical section, it is possible that the RCU grace period will pass durin...

PT-2024-3599 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to a buffer overflow in dynamic memory, which can be exploited by a remote attacker to execute arbitrary code. This can potentially affect the system...

AZL-40298 CVE-2024-27078 affecting package hyperv-daemons for versions less than 6.6.29.1-1

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

AZL-40328 CVE-2024-27051 affecting package hyperv-daemons for versions less than 6.6.29.1-1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq: add check for cpufreqcpuget's return value cpufreqcpuget may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center linuxtesting.org with...

AZL-40334 CVE-2024-27061 affecting package hyperv-daemons for versions less than 6.6.29.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce - Fix use after free in unprepare sun8icecipherunprepare should be called before cryptofinalizeskcipherrequest, because client callbacks may immediately free memory, that isn't needed anymore. But it will be used...

AZL-40331 CVE-2024-27045 affecting package hyperv-daemons for versions less than 6.6.29.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dpdscclockenread' Tell snprintf to store at most 10 bytes in the output buffer instead of 30. Fixes the below:...

AZL-42031 CVE-2024-27018 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a workaroun...

AZL-46027 CVE-2024-27018 affecting package hyperv-daemons for versions less than 6.6.35.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a workaroun...

AZL-40454 CVE-2024-27000 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uarthandlectschange function in serialcore expects the caller to hold uport-lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded ...

AZL-40425 CVE-2024-26984 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race condition around ptr stores Running a lot of VK CTS in parallel against nouveau, once every few hours you might see something like this crash. BUG: kernel NULL pointer dereference, address:...

AZL-40416 CVE-2024-26977 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: pciiounmap: Fix MMIO mapping leak The ifdef ARCHHASGENERICIOPORTMAP accidentally also guards iounmap, which means MMIO mappings are leaked. Move the guard so we call iounmap for MMIO mappings...

AZL-40458 CVE-2024-26973 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fatencodefhnostale encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so t...

AZL-40481 CVE-2024-26961 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...

AZL-40430 CVE-2024-26965 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...

AZL-40497 CVE-2024-26951 affecting package hyperv-daemons for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via isdead instead of empty list If all peers are removed via wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list with a head on the stack of...

AZL-40509 CVE-2024-26953 affecting package hyperv-daemons for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...

UBUNTU-CVE-2024-26820

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Register VF in netvscprobe if NETDEVICEREGISTER missed If hvnetvsc driver is unloaded and reloaded, the NETDEVICEREGISTER handler cannot perform VF register successfully as the register call is received before netvscpro...

SUSE CVE-2021-47217

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid hvvpindex array prior to derefencing hvvpindex when setting Hyper-V's TSC change callback. If Hyper-V setup failed in hypervinit, the kernel...

CVE-2021-47217

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid hvvpindex array prior to derefencing hvvpindex when setting Hyper-V's TSC change callback. If Hyper-V setup failed in hypervinit, the kernel...

UBUNTU-CVE-2021-47217

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid hvvpindex array prior to derefencing hvvpindex when setting Hyper-V's TSC change callback. If Hyper-V setup failed in hypervinit, the kernel...