DEBIAN-CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

CVE-2021-47595 net/sched: sch_ets: don't remove idle classes from the round-robin list

In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't remove idle classes from the round-robin list Shuang reported that the following script: 1 tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 2 mauseza...

UBUNTU-CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...

CVE-2024-38608 net/mlx5e: Fix netif state handling

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5esuspend cleans resources only if netifdevicepresent returns true. However, mlx5eresume changes the state of netif, via mlx5enicenable, only if regstate == NETREGREGISTERED. In the below...

UBUNTU-CVE-2024-36886

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...

SUSE CVE-2021-47493

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix race between searching chunks and release journalhead from bufferhead Encountered a race between ocfs2testbgbitallocatable and jbd2journalputjournalhead resulting in the below vmcore. PID: 106879 TASK: ffff880244ba9c00...

DEBIAN-CVE-2021-47549

In the Linux kernel, the following vulnerability has been resolved: satafsl: fix UAF in satafslportstop when rmmod satafsl When the rmmod satafsl.ko command is executed in the PPC64 GNU/Linux, a bug is reported: ================================================================== BUG: Unable to...

UBUNTU-CVE-2021-47566

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...

CVE-2021-47536

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong listdel in smclgrcleanupearly smclgrcleanupearly meant to delete the link group from the link group list, but it deleted the list head by mistake. This may cause memory corruption since we didn't remove the rea...

CVE-2021-47572 net: nexthop: fix null pointer dereference when IPv6 is not enabled

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

CVE-2021-47549 sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl

In the Linux kernel, the following vulnerability has been resolved: satafsl: fix UAF in satafslportstop when rmmod satafsl When the rmmod satafsl.ko command is executed in the PPC64 GNU/Linux, a bug is reported: ================================================================== BUG: Unable to...

CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47492 mm, thp: bail out early in collapse_file for writeback page

In the Linux kernel, the following vulnerability has been resolved: mm, thp: bail out early in collapsefile for writeback page Currently collapsefile does not explicitly check PGwriteback, instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This does not work for xfs...

CVE-2021-47468

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card-isac.release function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it:...

CVE-2023-52848

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

CVE-2023-52848 f2fs: fix to drop meta_inode's page cache in f2fs_put_super()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

CVE-2023-52848

Summary (CVE-2023-52848) : The issue, reported for the Linux kernel’s f2fs file system, centers on a bug during f2fs_put_super() where the meta_inode page cache is not dropped after an IO error in f2fs_wait_on_all_pages. This can lead to a reference-count leak and a kernel panic during unmount. T...

CVE-2023-52848

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...

CVE-2023-52848 f2fs: fix to drop meta_inode's page cache in f2fs_put_super()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop metainode's page cache in f2fsputsuper syzbot reports a kernel bug as below: F2FS-fs loop1: detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! CPU: 0 PID...