CVE-2023-52848 f2fs: fix to drop meta_inode's page cache in f2fs_put_super()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

CVE-2023-52848

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

CVE-2023-52848

Summary (CVE-2023-52848) : The issue, reported for the Linux kernel’s f2fs file system, centers on a bug during f2fs_put_super() where the meta_inode page cache is not dropped after an IO error in f2fs_wait_on_all_pages. This can lead to a reference-count leak and a kernel panic during unmount. T...

CVE-2023-52848 f2fs: fix to drop meta_inode's page cache in f2fs_put_super()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

DEBIAN-CVE-2021-47410

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svmmigratefini warning Device manager releases device-specific resources when a driver disconnects from a device, devmmemunmappages and devmreleasememregion calls in svmmigratefini are redundant. It causes below...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

DEBIAN-CVE-2021-47399

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbexdpsetup The ixgbe driver currently generates a NULL pointer dereference with some machine online cpus ringfeatureRINGFFDIR.limit = count; It becomes 63. When user use xdp,...

DEBIAN-CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftracebug It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftraceinit, but the error path rightfully returned -EINVAL and not -EFAULT,...

DEBIAN-CVE-2021-47256

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memoryfailure Our syzkaller trigger the "BUGON!listempty&inode-iwblist" in clearinode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 1 SMP Modules linked in:...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400 net: hns3: do not allow call hns3_nic_net_open repeatedly

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400

CVE-2021-47400 affects the Linux kernel driver for the HNS3 NIC. The issue occurs when hns3_nic_net_open() is called repeatedly during concurrent device reset and tc setup, because there was no guard against repeated opens, allowing napi_enable to be invoked twice and triggering a kernel BUG. The...

CVE-2021-47379

The CVE-2021-47379 entry describes a kernel vulnerability in the Linux blk-cgroup subsystem related to a use-after-free (UAF) in the block I/O scheduler. The issue arises when destroying the blkcg policy hierarchy, where the BFQ/BLK MQ path can trigger a use-after-free during queue initialization...

SUSE CVE-2024-35947

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser Fix a BUGON from 2009. Even if it looks "unreachable" I didn't really look, lets make sure by removing it, doing prerr and return -EINVAL instead...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the fact that a cache created using an object size of less than 24 can cause the freelist pointer to write beyond s-objectsize,...

CVE-2024-35890 gro: fix ownership transfer

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skbsegmentlist those skbs can be reused as-is. This is an issue as their destructor was...

CVE-2024-35890 gro: fix ownership transfer

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skbsegmentlist those skbs can be reused as-is. This is an issue as their destructor was...

UBUNTU-CVE-2024-35832

In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshottmut. It should be freed by kvfree not kfree. Or umount will triger: 406.829178 BUG: unable to handle page fault for...

UBUNTU-CVE-2024-27406

In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TESTIOVITER depends on MMU Trying to run the ioviter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 Subtest: ioviter module: kunitioviter 1..9 BUG: failure...