Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure of the f2fs file system to properly handle scenarios where blkaddr is valid when processing...

SUSE CVE-2021-47455

In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptpclockregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 size 8: comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 age 13.188s hex...

UBUNTU-CVE-2023-52708

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fix error handling in mmcspiprobe If mmcaddhost fails, it doesn't need to call mmcremovehost, or it will cause null-ptr-deref, because of deleting a not added device in mmcremovehost. To fix this, goto label...

CVE-2023-52863

In the Linux kernel, the following vulnerability has been resolved: hwmon: axi-fan-control Fix possible NULL pointer dereference axifancontrolirqhandler, dependent on the private axifancontroldata structure, might be called before the hwmon device is registered. That will cause an "Unable to hand...

UBUNTU-CVE-2021-47258

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsihostalloc After device is initialized via deviceinitialize, or its name is set via devsetname, the device has to be freed via putdevice. Otherwise device name will be leaked because it is...

SUSE CVE-2024-35904

In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kernmount fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never read...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an event log cache that triggers a kernel error...

CVE-2024-26703 tracing/timerlat: Move hrtimer_init to timerlat_fd open()

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimerinit to timerlatfd open Currently, the timerlat's hrtimer is initialized at the first read of timerlatfd, and destroyed at close. It works, but it causes an error if the user program open and close t...

CVE-2021-47094

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding After dropping mmulock in the TDP MMU, restart the iterator during tdpiternext and do not advance the iterator. Advancing the iterator results in skipping the...

CVE-2023-52459

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second listdel call results in either a warning with CONFIGDEBUGLIST=y:...

CVE-2023-52459

CVE-2023-52459 concerns the Linux kernel, specifically the media: v4l: async path. The vulnerability is caused by a duplicated list deletion: a second list_del() is performed after the list item was already removed, which can lead to list_del corruption (LIST_POISON) when CONFIG_DEBUG_LIST is ena...

CVE-2023-52459 media: v4l: async: Fix duplicated list deletion

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second listdel call results in either a warning with CONFIGDEBUGLIST=y:...

CVE-2023-52459 media: v4l: async: Fix duplicated list deletion

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in the line before. Having a second listdel call results in either a warning with CONFIGDEBUGLIST=y:...

DEBIAN-CVE-2023-52446

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause a kernel error...

GSD-2022-1007655 RDMA/rxe: Fix "kernel NULL pointer dereference" error

RDMA/rxe: Fix "kernel NULL pointer dereference" error This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD versions 11.0 through 13.0, which stems from an aioaqueue kernel reference count error that can lead to local elevation of privilege...

Design/Logic Flaw

Butter is a system usability utility. Due to a kernel error the JPNS kernel is being discontinued. Affected users are recommend to update to the Trinity kernel. There are no workarounds...

Butter 输入验证错误漏洞

Butter is a small playground program. Butter has an input validation error vulnerability that stems from a kernel error...

Zephyr 代码问题漏洞

Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. Zephyr suffers from a security vulnerability that stems from error handling in the Bluetooth HCI kernel. No detailed vulnerability details are provided at this time...