Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing check for atomicfile status in the f2fs subsystem ioctl interface...

SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

The vulnerability of the blkpg_do_ioctl() function (block/ioctl.c) in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the blkpgdoioctl function block/ioctl.c in the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

PT-2024-8240

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0+ Description: The issue is related to a use-after-free vulnerability in the gsm cleanup mux function in the Linux kernel. This vulnerability can be exploited by an attacker to impact the confidentiality,...

CVE-2024-23376

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call...

CVE-2024-23378

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record...

CVE-2024-21455

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...

CVE-2024-23370

Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same...

CVE-2024-23378 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record...

CVE-2024-23376 Use After Free in ComputerVision

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call...

CVE-2024-23376

CVE-2024-23376 involves memory corruption while sending the persist buffer IOCTL from user-space to kernel space in Qualcomm-related components (notably Qualcomm Snapdragon Auto). The issue is described as a memory corruption (also characterized as a use-after-free in some feeds) affecting the pe...

CVE-2024-23376 Use After Free in ComputerVision

Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call...

CVE-2024-21455 Untrusted Pointer Dereference in DSP Service

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...

CVE-2024-21455

CVE-2024-21455 is a memory corruption issue in Qualcomm’s adsprpc DSP driver exposed to user space via compat IOCTL handling. The root cause involves 32‑bit compatibility handling where a global is_compat flag is set on a file descriptor and later misinterprets a 64‑bit userland request as a 32‑b...

PT-2024-19853

Name of the Vulnerable Software and Affected Versions MSM module affected versions not specified Description The issue involves memory corruption when invoking IOCTL calls for the MSM module from user space during audio playback and record. This occurs due to improper handling of IOCTL calls,...

PT-2024-18880 · Qualcomm · Snapdragon +19

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. This can lead to...

Exploit for Use After Free in Linux Linux_Kernel

RU GenIoURingExploit is a PoC exploit targeting a specific...

CVE-2024-46837

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on groupcreate We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM...

DEBIAN-CVE-2024-46837

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on groupcreate We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM...

UBUNTU-CVE-2024-46837

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on groupcreate We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM...