699 matches found
UBUNTU-CVE-2024-47715
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...
kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
This is a vulnerability in the Linux kernel's Data Movement Accelerator DMA engine, specifically affecting the Intel Data Streaming Accelerator IDXD driver. The issue arises during the removal rmmod of the idxd driver on systems with only one active CPU. In such scenarios, the driver's cleanup...
SUSE CVE-2024-46824
In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...
UBUNTU-CVE-2024-46824
In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...
kernel: SUNRPC: lock against ->sock changing during sysfs read
A vulnerability was found in the Linux kernel's SUNRPC component, where a race condition exists during sysfs read operations due to improper handling of the -sock pointer. If the mutex -recvmutex is not held, -sock may change asynchronously, leading to a potential kernel oops. This vulnerability...
SUSE CVE-2024-46788
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
CVE-2024-46787
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmdtranshuge check", v2. The pmdtranshuge code in mfillatomic is wrong in three different ways depending on kernel version: 1. The pmdtranshuge...
CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
DEBIAN-CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46770
In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...
UBUNTU-CVE-2024-46788
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
AZL-55228 CVE-2024-46715 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
UBUNTU-CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
CVE-2024-46762 xen: privcmd: Fix possible access to a freed kirqfd instance
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46715 driver: iio: add missing checks on iio_info's callback access
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
UBUNTU-CVE-2024-46682
In the Linux kernel, the following vulnerability has been resolved: nfsd: prevent panic for nfsv4.0 closed files in nfs4showopen Prior to commit 3f29cc82a84c "nfsd: split scstatus out of sctype" statesshow relied on sctype field to be of valid type before calling into a subfunction to show conten...
CVE-2024-44936 power: supply: rt5033: Bring back i2c_set_clientdata
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2csetclientdata Commit 3a93da231c12 "power: supply: rt5033: Use devmpowersupplyregister helper" reworked the driver to use devm. While at it, the i2csetclientdata was dropped along with the remo...
CVE-2024-44936 power: supply: rt5033: Bring back i2c_set_clientdata
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt5033: Bring back i2csetclientdata Commit 3a93da231c12 "power: supply: rt5033: Use devmpowersupplyregister helper" reworked the driver to use devm. While at it, the i2csetclientdata was dropped along with the remo...
CVE-2024-43899 drm/amd/display: Fix null pointer deref in dcn20_resource.c
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer deref in dcn20resource.c Fixes a hang thats triggered when MPV is run on a DCN401 dGPU: mpv --hwdec=vaapi --vo=gpu --hwdec-codecs=all and then enabling fullscreen playback double click on the vid...