995 matches found
CVE-2024-47685
A flaw was found in the Netfilter and IPV6 functionality in the Linux kernel leading to a leak of 4 random bits. This issue may allow a remote user to preform an unauthorized read of random bits from the server. Mitigation If IPV6 or netfilter is not being used, then the issue is not applicable. ...
DEBIAN-CVE-2024-47716
In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal...
UBUNTU-CVE-2024-47695
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Reset cid to connum - 1 to stay in bounds In the function initconns, after the createcon and createcm for loop if something fails. In the cleanup for loop after the destroy tag, we access out of bound memory becaus...
CVE-2024-47690
CVE-2024-47690 concerns the Linux kernel F2FS: online repair in f2fs_lookup() can race with a readonly remount, potentially leaving a dirty inode and triggering a kernel panic during eviction. The advisory states the fix is to remove online repair in f2fs_lookup() and delegate integrity checks to...
OESA-2024-2256 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device res...
userfaultfd: don't BUG_ON() if khugepaged yanks our page table
...
AZL-49983 CVE-2024-46853 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array out-of-bounds problem...
kernel: proc/vmcore: fix clearing user buffer by properly using clear_user()
In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...
kernel: kyber: fix out of bounds access when preempted
In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted blkmqschedbiomerge gets the ctx and hctx for the current CPU and passes the hctx to -biomerge. kyberbiomerge then gets the ctx for the current CPU again and uses that to get the...
CVE-2024-46783
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...
kernel: ipv6: sr: fix out-of-bounds read when setting HMAC data.
An out-of-bounds read flaw was found when setting HMAC data in net/ipv6/seg6.c in the Linux kernel. This issue may lead to a crash...
CVE-2024-46783
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...
UBUNTU-CVE-2024-46783
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...
CVE-2024-46783 tcp_bpf: fix return value of tcp_bpf_sendmsg()
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...
CVE-2024-46734 btrfs: fix race between direct IO write and fsync when using same fd
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...
The vulnerability of the driver responsible for the computer’s interaction with the CLFS.sys device in the Windows operating system allows a hacker to trigger a Service-Breaking Failure (BSoD).
The vulnerability of the driver responsible for the computer’s interaction with CLFS.sys devices and devices in the Windows operating system is related to incorrect configuration data input. Exploiting this vulnerability can cause a Service-Breaking Failure BSoD through the forced invocation of t...
RHSA-2008:0089 Red Hat Security Advisory: kernel security and bug fix update
Bulletin has no description...
SUSE CVE-2024-46684
In the Linux kernel, the following vulnerability has been resolved: binfmtelffdpic: fix AUXV size calculation when ELFHWCAP2 is defined createelffdpictables does not correctly account the space for the AUX vector when an architecture has ELFHWCAP2 defined. Prior to the commit 10e29251be0e...
RHSA-2018:0182 Red Hat Security Advisory: kernel security and bug fix update
Bulletin has no description...