CVE-2024-50226

CVE-2024-50226 : Linux kernel vulnerability in the CXL port code. A use-after-free during teardown of a region with multiple endpoint decoders (example: decoders 7.0 and 14.0 sharing a switch-decoder 3.0) could allow out-of-order shutdown and leave stale references. The patch ensures: (1) proper ...

CVE-2024-50226 cxl/port: Fix use-after-free, permit out-of-order decoder shutdown

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report 1, cxltest was updated to register mock memory-devices after the mock root-port/bus device had been...

DEBIAN-CVE-2024-50136

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: 682.589148 ------------ cut here ------------ 682.590204...

kernel: net/mlx5e: Fix netif state handling

A vulnerability was found in the Linux kernel within the net/mlx5e component, where improper handling of network interface states could lead to a NULL pointer dereference or resource leaks if network registration fails during initialization. This condition could cause system instability, as...

SUSE CVE-2022-48971

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix not cleanup led when btinit fails btinit calls btledsinit to register led, but if it fails later, btledscleanup is not called to unregister it. This can cause panic if the argument "bluetooth-power" in text is free...

UBUNTU-CVE-2022-48971

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix not cleanup led when btinit fails btinit calls btledsinit to register led, but if it fails later, btledscleanup is not called to unregister it. This can cause panic if the argument "bluetooth-power" in text is free...

DEBIAN-CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the Bluetooth component failing to properly clean up LEDs when btinit fails...

PT-2024-33978

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the net/mlx5e module. The issue occurs when profile rollback fails in mlx5e netdev change profile, causing the...

Unspecified vulnerability in Linux kernel (CNVD-2024-40273)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failing to ensure that the connector is fully initialized before sending an HPD event. No details of the...

SUSE CVE-2024-46817

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialize when stream nums greater than 6 Why Coverity reports OVERRUN warning. Should abort amdgpudm initialize. How Return failure to amdgpudminit...

UBUNTU-CVE-2024-46817

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialize when stream nums greater than 6 Why Coverity reports OVERRUN warning. Should abort amdgpudm initialize. How Return failure to amdgpudminit...

UBUNTU-CVE-2024-46673

In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aacprobeone calls hardware-specific init functions through the aacdriverident::init pointer, all of which eventually call down to aacinitadapter. If aacinitadapter fails after...

DEBIAN-CVE-2024-45027

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check for xhci-interrupters being allocated in xhcimemclearup If xhcimeminit fails, it calls into xhcimemcleanup to mop up the damage. If it fails early enough, before xhci-interrupters is allocated but after...

DEBIAN-CVE-2022-48880

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssamrequestsyncfree Although rare, ssamrequestsyncinit can fail. In that case, the request should be freed via ssamrequestsyncfree. Currently it is leaked instead. Fix this...

mozilla: Uninitialized memory used by WebGL

The Mozilla Foundation Security Advisory describes this flaw as: ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory...

UBUNTU-CVE-2024-42147

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/debugfs - Fix debugfs uninit process issue During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also release regs, in...

SUSE CVE-2022-48824

In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrsdetect, cs-disableintr is NULL when privdata-hwinit fails with non-zero. In this case, myrscleanupcs will call a NULL ptr and crash the kernel. 1.105606 myrs 0000:00:03.0: Unknown...

DEBIAN-CVE-2022-48824

In the Linux kernel, the following vulnerability has been resolved: scsi: myrs: Fix crash in error case In myrsdetect, cs-disableintr is NULL when privdata-hwinit fails with non-zero. In this case, myrscleanupcs will call a NULL ptr and crash the kernel. 1.105606 myrs 0000:00:03.0: Unknown...

DEBIAN-CVE-2024-40933

In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fix ERRPTR dereference in mlx90635probe When devmregmapiniti2c fails, regmapee could be error pointer, instead of checking for ISERRregmapee, regmap is checked which looks like a copy paste error...