699 matches found
SUSE CVE-2022-48922
In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The tracehardirqson,off require the caller to setup frame pointer properly. This because these two functions use macro 'CALLERADDR1' aka. builtinreturnaddress1 to acquire caller...
CVE-2022-48887
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Remove rcu locks from user resources User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two...
CVE-2022-48887 drm/vmwgfx: Remove rcu locks from user resources
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Remove rcu locks from user resources User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two...
CVE-2022-48887
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Remove rcu locks from user resources User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two...
CVE-2022-48887 drm/vmwgfx: Remove rcu locks from user resources
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Remove rcu locks from user resources User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two...
CVE-2024-42302
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpchandler awaits readiness of the seconda...
SUSE CVE-2024-42078
In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...
CVE-2024-41084 cxl/region: Avoid null pointer dereference in region lookup
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Avoid null pointer dereference in region lookup cxldpatoregion looks up a region based on a memdev and DPA. It wrongly assumes an endpoint found mapping the DPA is also of a fully assembled region. When not true it...
DEBIAN-CVE-2022-48816
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against -sock changing during sysfs read -sock can be set to NULL asynchronously unless -recvmutex is held. So it is important to hold that mutex. Otherwise a sysfs read can trigger an oops. Commit 17f09d3f619a...
SUSE CVE-2024-38608
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5esuspend cleans resources only if netifdevicepresent returns true. However, mlx5eresume changes the state of netif, via mlx5enicenable, only if regstate == NETREGREGISTERED. In the below...
CVE-2024-38633
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't update the respective global variable and after insmod — rmmod — insm...
CVE-2024-38633 serial: max3100: Update uart_driver_registered on driver removal
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't update the respective global variable and after insmod — rmmod — insm...
CVE-2022-48770
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
DEBIAN-CVE-2022-48770
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
CVE-2022-48770
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL ptregs in bpfgettaskstack taskptregs can return NULL on powerpc for kernel threads. This is then used in bpfgetstack to check for user mode, resulting in a kernel oops. Guard against this by...
CVE-2022-48750 hwmon: (nct6775) Fix crash in clear_caseopen
In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix crash in clearcaseopen Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops: 0000 1...
CVE-2022-48746
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...