4830 matches found
UBUNTU-CVE-2022-49096
In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...
UBUNTU-CVE-2022-49084
In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes straight to skbreserve. However, buildskb can fail under memory pressure. This results in a kernel panic because the skb to reserve i...
CVE-2021-47647
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0rchngclksrc has numparents set to 2 but only one parent is actually set via parenthws, it should also ha...
CVE-2021-47647
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0rchngclksrc has numparents set to 2 but only one parent is actually set via parenthws, it should also ha...
CVE-2022-49726 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...
CVE-2022-49726
CVE-2022-49726 concerns the Linux kernel clocksource for Hyper-V. The issue arises from exporting an __init-annotated hv_init_clocksource() symbol, while the __init code may be freed after initialization, making the symbol potentially invalid for modules. The vulnerability can lead to a kernel pa...
CVE-2022-49726
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...
CVE-2022-49726 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...
CVE-2022-49721
CVE-2022-49721 affects the Linux kernel (arm64) ftrace. The root cause is inconsistent handling of PLT entries when calling ftrace trampolines: ftrace_modify_call() can produce out-of-range branches, causing warnings and no code change, or replace the old branch with a BRK, risking a kernel panic...
CVE-2022-49721 arm64: ftrace: consistently handle PLTs.
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handled by ftracemakecall and ftracemakenop, with each having almost identical logic, but this is not...
CVE-2022-49721
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handled by ftracemakecall and ftracemakenop, with each having almost identical logic, but this is not...
CVE-2022-49721 arm64: ftrace: consistently handle PLTs.
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an ftrace trampoline. This is handled by ftracemakecall and ftracemakenop, with each having almost identical logic, but this is not...
CVE-2022-49675 tick/nohz: unexport __init-annotated tick_nohz_full_setup()
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49675
Summary (CVE-2022-49675): In the Linux kernel, the function tick_nohz_full_setup() is exported while annotated with init , which risks a use-after-free of the init text and kernel panic. The issue was detected after a section-mismatch warning from modpost and fixed by the commit 28438794aba4 (“mo...
CVE-2022-49675
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49675 tick/nohz: unexport __init-annotated tick_nohz_full_setup()
In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
CVE-2022-49625 sfc: fix kernel panic when creating VF
In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...
CVE-2022-49625
CVE-2022-49625: In the Linux kernel, the sfc driver could trigger a kernel panic when creating VFs due to a faulty buffer release path in vunmap in IRQ context. The issue stems from an IRQ/BH context restriction during DMA buffer release, with a patch that re-enables BH to safely release the buff...
CVE-2022-49625
In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...
CVE-2022-49625 sfc: fix kernel panic when creating VF
In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...