DEBIAN-CVE-2021-47410

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svmmigratefini warning Device manager releases device-specific resources when a driver disconnects from a device, devmmemunmappages and devmreleasememregion calls in svmmigratefini are redundant. It causes below...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

DEBIAN-CVE-2021-47399

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbexdpsetup The ixgbe driver currently generates a NULL pointer dereference with some machine online cpus ringfeatureRINGFFDIR.limit = count; It becomes 63. When user use xdp,...

DEBIAN-CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftracebug It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftraceinit, but the error path rightfully returned -EINVAL and not -EFAULT,...

DEBIAN-CVE-2021-47256

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memoryfailure Our syzkaller trigger the "BUGON!listempty&inode-iwblist" in clearinode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 1 SMP Modules linked in:...

CVE-2021-47400

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400 net: hns3: do not allow call hns3_nic_net_open repeatedly

In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called repeatly, but there is no checking for this. When doing device reset and setup tc concurrently, there is a small oppotunity to call...

CVE-2021-47400

CVE-2021-47400 affects the Linux kernel driver for the HNS3 NIC. The issue occurs when hns3_nic_net_open() is called repeatedly during concurrent device reset and tc setup, because there was no guard against repeated opens, allowing napi_enable to be invoked twice and triggering a kernel BUG. The...

CVE-2021-47379

The CVE-2021-47379 entry describes a kernel vulnerability in the Linux blk-cgroup subsystem related to a use-after-free (UAF) in the block I/O scheduler. The issue arises when destroying the blkcg policy hierarchy, where the BFQ/BLK MQ path can trigger a use-after-free during queue initialization...

SUSE CVE-2024-35947

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser Fix a BUGON from 2009. Even if it looks "unreachable" I didn't really look, lets make sure by removing it, doing prerr and return -EINVAL instead...

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the fact that a cache created using an object size of less than 24 can cause the freelist pointer to write beyond s-objectsize,...

CVE-2024-35890 gro: fix ownership transfer

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skbsegmentlist those skbs can be reused as-is. This is an issue as their destructor was...

CVE-2024-35890 gro: fix ownership transfer

In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skbsegmentlist those skbs can be reused as-is. This is an issue as their destructor was...

UBUNTU-CVE-2024-35832

In the Linux kernel, the following vulnerability has been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshottmut. It should be freed by kvfree not kfree. Or umount will triger: 406.829178 BUG: unable to handle page fault for...

UBUNTU-CVE-2024-27406

In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TESTIOVITER depends on MMU Trying to run the ioviter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 Subtest: ioviter module: kunitioviter 1..9 BUG: failure...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

SUSE CVE-2024-26956

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix failure to detect DAT corruption in btree and direct mappings Patch series "nilfs2: fix kernel bug at submitbhwbc". This resolves a kernel BUG reported by syzbot. Since there are two flaws involved, I've made each one...

CVE-2024-26956

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix failure to detect DAT corruption in btree and direct mappings Patch series "nilfs2: fix kernel bug at submitbhwbc". This resolves a kernel BUG reported by syzbot. Since there are two flaws involved, I've made each one...

DEBIAN-CVE-2024-26955

In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submitbhwbc Fix a bug where nilfsgetblock returns a successful status when searching and inserting the specified block both fail inconsistently. If this inconsistent behavior is not due to a previous...