3275 matches found
SUSE CVE-2024-26681
In the Linux kernel, the following vulnerability has been resolved: netdevsim: avoid potential loop in nsimdevtrapreportwork Many syzbot reports include the following trace 1 If nsimdevtrapreportwork can not grab the mutex, it should rearm itself at least one jiffie later. 1 Sending NMI from CPU ...
SUSE CVE-2024-26672
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mcafuncs' dereferenced before NULL check in 'amdgpumcasmugetmcaentry' Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpumca.c:377 amdgpumcasmugetmcaentry warn: variable dereferenced before check 'mcafunc...
UBUNTU-CVE-2024-26812
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the...
UBUNTU-CVE-2024-26798
In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcondosetfont Commit a5a923038d70 fbdev: fbcon: Properly revert changes when vcresize failed started restoring old font data upon failure of vcresize. But it performs so only for user...
DEBIAN-CVE-2024-26761
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...
UBUNTU-CVE-2024-26753
In the Linux kernel, the following vulnerability has been resolved: crypto: virtio/akcipher - Fix stack overflow on memcpy sizeofstruct virtiocryptoakciphersessionpara is less than sizeofstruct virtiocryptoopctrlreq::u, copying more bytes from stack variable leads stack overflow. Clang reports th...
UBUNTU-CVE-2024-26748
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if request-complete 830 spinunlock&privdev-lock; 831 usbgadgetgivebackrequest&privep-endpoint, 832 request; 833 spinlock&privdev-lock; 834 835 836 if request-buf ==...
UBUNTU-CVE-2024-26742
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...
DEBIAN-CVE-2024-26690
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...
DEBIAN-CVE-2024-26676
In the Linux kernel, the following vulnerability has been resolved: afunix: Call kfreeskb for dead unixsk-oobskb in GC. syzbot reported a warning 0 in unixgc with a repro, which creates a socketpair and sends one socket's fd to itself using the peer. socketpairAFUNIX, SOCKSTREAM, 0, 3, 4 = 0...
DEBIAN-CVE-2024-26672
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mcafuncs' dereferenced before NULL check in 'amdgpumcasmugetmcaentry' Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpumca.c:377 amdgpumcasmugetmcaentry warn: variable dereferenced before check 'mcafunc...
UBUNTU-CVE-2023-52622
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbgsize, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARNO...
UBUNTU-CVE-2021-47168
In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayoutdecodelayout The "sizeofstruct nfsfh" is two bytes too large and could lead to memory corruption. It should be NFSMAXFHSIZE because that's the size of the -data buffer. I reversed the size...
SUSE CVE-2021-47126
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6nhflushexceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...
SUSE CVE-2024-26632
In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bioforeachfolioall If the bio contains no data, biofirstfolio calls pagefolio on a NULL pointer and oopses. Move the test that we've reached the end of the bio from bionextfolio to...
DEBIAN-CVE-2024-26631
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6mcdown / mldifcwork idev-mcifccount can be written over without proper locking. Originally found by syzbot 1, fix this issue by encapsulating calls to mldifcstopwork and mldgqstopwork for good...
UBUNTU-CVE-2023-52613
In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2thermal: Fix incorrect PTRERR judgment PTRERR returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz-type is NULL when thermal-zones is...
PT-2024-3374 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.7.0 Description: The issue is related to a use-after-free problem in the f2fs filemap fault function. This occurs because vmf-vma may not be alive after filemap fault, potentially causing a use-after-free issu...
SUSE CVE-2021-47072
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix removed dentries still existing after log is synced When we move one inode from one directory to another and both the inode and its previous parent directory were logged before, we are not supposed to have the dentry f...
DEBIAN-CVE-2021-47096
In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...