Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from octeontx2-pf's misuse of GFPKERNEL in an atomic context...

SUSE CVE-2024-58070

In the Linux kernel, the following vulnerability has been resolved: bpf: bpflocalstorage: Always use bpfmemalloc in PREEMPTRT In PREEMPTRT, kmallocGFPATOMIC is still not safe in non preemptible context. bpfmemalloc must be used in PREEMPTRT. This patch is to enforce bpfmemalloc in the...

Linux Distros Unpatched Vulnerability : CVE-2025-21709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel: be more careful about dupmmap failures and uprobe registering If a memory allocation fails during dupmmap, the maple tree can be left in an unsafe state...

Linux Distros Unpatched Vulnerability : CVE-2024-40923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to alloca...

Linux Distros Unpatched Vulnerability : CVE-2021-47376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Add oversize check before call kvcalloc Commit 7661809d493b mm: don't allow oversized kvmalloc calls add the oversize check. When the allocation is larger...

Linux Distros Unpatched Vulnerability : CVE-2023-23005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the allocmemorytype return value expects it to be NULL in the error case, whereas it is actually...

CVE-2024-56730 net/9p/usbg: fix handling of the failed kzalloc() memory allocation

In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/transusbg.c:912:5-11: ERROR: allocation function on...

DEBIAN-CVE-2024-56701

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtlaccesslock to be a rwsemaphore The dtlaccesslock needs to be a rwsempahore, a sleeping lock, because the code calls kmalloc while holding it, which can sleep: echo 1 /proc/powerpc/vcpudispatchstats BUG:...

SUSE CVE-2024-56544

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGESIZE 4096, MAXPAGEORDER 10, 64bit machine, pagealloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

PT-2024-25081 · Qualcomm · Qualcomm Snapdragon Auto To Xr2 5G Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto to XR2 5G Platform affected versions not specified Description: The issue involves memory corruption when analyzing sensor packets in the camera driver. A user-space variable is used while allocating memory in the...

DEBIAN-CVE-2024-50087

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free on readalloconename error The function readalloconename does not initialize the name field of the passed fscryptstr struct if kmalloc fails to allocate the corresponding buffer. Thus, it is n...

OESA-2024-1995 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait...

clk: zynq: Prevent null pointer dereference caused by kmalloc failure

...

SUSE CVE-2024-26943

In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: handle kcalloc allocation failure The kcalloc in nouveaudmemevictchunk will return null if the physical memory has run out. As a result, if we dereference srcpfns, dstpfns or dmaaddrs, the null pointer dereference...

kernel: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak

In the Linux kernel, the following vulnerability has been resolved: dosysnametohandle: use kzalloc to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in dosysnametohandle and issued the following report 1. 1 "BUG: KMSAN: kernel-infoleak in instrumentcopytouser...

kernel: ACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup()

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Check for null return of devmkzalloc in fchmiscsetup devmkzalloc may fail, clkdata-name might be NULL and will cause a NULL pointer dereference later. rjw: Subject and changelog edits...

DEBIAN-CVE-2022-48640

In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...

SUSE CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...

DEBIAN-CVE-2023-52559

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend The iommususpend syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which can cause...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that allocating memory using the GFPKERNEL flag may re-enable IRQ during a hang callback...