CVE-2022-48919 cifs: fix double free race when mount fails in cifs_get_root()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifsgetroot When cifsgetroot fails during cifssmb3domount we call deactivatelockedsuper which eventually will call delayedfree which will free the context. In this situation we shoul...

CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2023-52637

CVE-2023-52637 refers to a Linux kernel vulnerability in the j1939 subsystem where a use-after-free (UAF) could occur due to modification of jsk->filters while receiving packets and during setsockopt(SO_J1939_FILTER). The fix adds locking on jsk->sk to prevent UAF and stabilize access to fi...