117 matches found
net/mlx5: Fix command bitmask initialization
...
CVE-2025-21644 drm/xe: Fix tlb invalidation when wedging
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries to do stuff that may not be initialized yet. This moves the xegttlbinvalidationinit to be done earlier: as its own doc...
CVE-2024-56677
CVE-2024-56677 (Linux kernel, powerpc fadump) : The issue arises during early init when CMA_MIN_ALIGNMENT_BYTES can be PAGE_SIZE because pageblock_order is not yet initialized. This bypasses the CMA memory alignment check in cma_init_reserved_mem(), allowing a potential misalignment that can trig...
CVE-2024-50264
...
PT-2025-3602 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's ptrace functionality, specifically with the arm64 architecture. The problem arises when the poe set function does not initialize a temporary...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump...
CVE-2022-48972 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix missing INITLISTHEAD in ieee802154ifadd Kernel fault injection test reports null-ptr-deref as follows: BUG: kernel NULL pointer dereference, address: 0000000000000008 RIP: 0010:cfg802154netdevnotifiercall+0x120/0x3...
UBUNTU-CVE-2024-46816
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks Why Coverity report OVERRUN warning. There are only maxlinks elements within dc-links. link count could up to AMDGPUDMMAXDISPLAYINDEX 31. How Make sur...
Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
...
DEBIAN-CVE-2024-44945
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCHBEGIN and BATCHEND...
SUSE CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPFCOREREADBITFIELD Changes from V1: - Use a default branch in the switch statement to initialize val'. GCC warns that val' may be used uninitialized in the BPFCREREADBITFIELD macro, defined in...
AZL-47219 CVE-2024-42076 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in rawrecvmsg 1. j1939sendone creates full frame including unused data, but it doesn't initialize it. This causes the kernel-infoleak issue...
AZL-68340 CVE-2024-41079 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words aka results for the command queue entry need to be set to 0 when they are not used not specified. Though, the target implemention return...
kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
CVE-2024-40925
In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit 81ada09cc25e "blk-flush: reuse rq queuelist in flush state machine". The root cause is that we use...
kernel: net/mlx5: Properly link new fs rules into the tree
CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...
kernel: net/mlx5: Properly link new fs rules into the tree
CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...
DEBIAN-CVE-2021-47597
In the Linux kernel, the following vulnerability has been resolved: inetdiag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak 1, that can exploited by unpriv users. After analysis it turned out UDP was not initializing r-idiagexpires. Other users of inetskdiagfill might make...
UBUNTU-CVE-2024-35992
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out of bounds read There is an out of bounds read access of 'gbephyinitfixfixidx.addr' every iteration after 'fixidx' reaches 'ARRAYSIZEgbephyinitfix'. Make sure 'gbephyinitaddr' is used when all...
UBUNTU-CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...