DEBIAN-CVE-2024-50045

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in brnfdevqueuexmit. It is...

DEBIAN-CVE-2024-50040

In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...

AZL-51252 CVE-2024-50045 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in brnfdevqueuexmit. It is...

CVE-2024-50048

In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...

CVE-2024-50045

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in brnfdevqueuexmit. It is...

CVE-2024-50031

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running kmscube with one or more performance monitors enabled via GALLIUMHUD, the following kernel panic can occur: 55.008324 Unable to handle kernel paging request at...

AZL-51533 CVE-2024-50023 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb "net: phy: Manual remove LEDs to ensure correct ordering" correctly fixed a problem with using devm but missed removing the LED entry from the LEDs list...

CVE-2024-50023

In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb "net: phy: Manual remove LEDs to ensure correct ordering" correctly fixed a problem with using devm but missed removing the LED entry from the LEDs list...

DEBIAN-CVE-2022-49004

In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAPSTACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is...

CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

DEBIAN-CVE-2022-48983

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

DEBIAN-CVE-2022-48986

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix guppudrange for dax For dax pud, pudhuge returns true on x86. So the function works as long as hugetlb is configured. However, dax doesn't depend on hugetlb. Commit 414fd080d125 "mm/gup: fix guppmdrange for dax" fixed...

CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48986

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix guppudrange for dax For dax pud, pudhuge returns true on x86. So the function works as long as hugetlb is configured. However, dax doesn't depend on hugetlb. Commit 414fd080d125 "mm/gup: fix guppmdrange for dax" fixed...

CVE-2022-48983

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

UBUNTU-CVE-2022-49004

In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAPSTACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is...

UBUNTU-CVE-2022-48983

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...

UBUNTU-CVE-2022-48986

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix guppudrange for dax For dax pud, pudhuge returns true on x86. So the function works as long as hugetlb is configured. However, dax doesn't depend on hugetlb. Commit 414fd080d125 "mm/gup: fix guppmdrange for dax" fixed...

UBUNTU-CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

UBUNTU-CVE-2024-50034

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsksynmss with IPPROTOSMC Eric report a panic on IPPROTOSMC, and give the facts that when INETPROTOSWICSK was set, icsk-icsksyncmss must be set too. Bug: Unable to handle kernel NULL pointer dereference at...