113 matches found
CVE-2024-50098 scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEVOFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEVQUIESCE was set for all LU's scsidevices by UFS shutdown, and at that time the audio...
SUSE CVE-2024-43863
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll-fence wait-fence unref deadlocks...
AZL-55404 CVE-2024-36924 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup lpfcworkerwakeup calls the lpfcworkdone routine, which takes the hbalock. Thus, lpfcworkerwakeup should not be called while holding the hbalock to avoid potential deadlo...
kernel: md/raid5-cache: fix a deadlock in r5l_exit_log()
A deadlock vulnerability was found in the md RAID5 cache r5l subsystem in the Linux kernel. In r5lexitlog, flushwork is called while holding reconfigmutex, which waits for disablewritebackwork to complete. However, r5cdisablewritebackasync calls waitevent which requires conf-log to be NULL, but...
kernel: hwmon: (coretemp) Simplify platform device handling
A NULL pointer dereference flaw was found in the Linux kernel's coretemp hardware monitoring driver in the platform device handling logic. A local privileged user who disables driversautoprobe for the platform bus can trigger this issue by initiating CPU hotplug operations, causing the driver to...
USN-6740-1: Linux kernel vulnerabilities
Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-1382 It was discovered that the virtio network...
USN-6624-1: Linux kernel vulnerabilities
Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...
Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke
...
Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos
...
kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible
A potential deadlock flaw was found in the Linux’s kernel DVB API used by Digital TV devices functionality. This flaw allows a local user to crash the system...
USN-6397-1: Linux kernel (BlueField) vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...
USN-6385-1 linux-oem-6.0 vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 William Zhao discovered that the Traffic Control TC...
Ubuntu: Security Advisory (USN-6339-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6357-1 linux-ibm, linux-ibm-5.4 vulnerabilities
Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...
Ubuntu: Security Advisory (USN-6338-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6340-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6339-2: Linux kernel vulnerabilities
It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service system crash. CVE-2022-48425...
USN-6344-1: Linux kernel (Azure) vulnerabilities
Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-21255 It was discovered that a race condition existed in th...
Ubuntu: Security Advisory (USN-6338-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6340-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...