CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

AZL-51182 CVE-2024-47703 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

UBUNTU-CVE-2024-47703

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

CVE-2024-47703 bpf, lsm: Add check for BPF LSM return value

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

CVE-2024-47703 bpf, lsm: Add check for BPF LSM return value

In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to fileallocsecurity hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LS...

CVE-2024-47703

CVE-2024-47703 — Linux kernel (bpf, lsm): The vulnerability stems from a BPF LSM return value not being checked, which could cause a kernel panic when a BPF prog attached to file_alloc_security returns a positive value that is misinterpreted as a file pointer. The issue was addressed by adding a ...

CVE-2024-47694 IB/mlx5: Fix UMR pd cleanup on error flow of driver init

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5rumrresourcecleanup to a new function mlx5rumrcleanup. So the fix in commit 1 is broken. In error flow, will hit...

CVE-2024-47688 driver core: Fix a potential null-ptr-deref in module_add_driver()

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

PT-2024-33768

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A vulnerability in the Linux kernel has been resolved, which previously caused the kernel to panic when interrupt allocation failed under certain conditions during runtime. The issue was...

PT-2024-33780

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A vulnerability in the Linux kernel has been resolved, related to the wifi driver rtw89. The issue occurs when SER L2 happens during the WoWLAN resume flow, causing the add interface flow to ...

PT-2024-33888

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A NULL pointer dereference issue in the Linux kernel's fbcon putcs function has been resolved. The issue was discovered by syzbot and can be triggered by calling ioctlfd1, TIOCLINUX, &param...

PT-2025-8841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, specifically in the nvkm/gsp component. The issue arises from the incorrect advancement of the read pointer of the GSP message...

PT-2025-2775

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: There is a potential infinite loop issue that can occur when using a combination of tail calls and freplace in the Linux kernel. This issue arises because the tail call cnt in entry...

CentOS 9 : kernel-5.14.0-516.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-516.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets...

Exploit for Use After Free in Apple Macos

EN GenEtherExploit is a Proof-of-Concept PoC exploit for t...

CVE-2024-46843

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

DEBIAN-CVE-2024-46823

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflowallocationtest The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from...

UBUNTU-CVE-2024-46843

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

CVE-2024-46843 scsi: ufs: core: Remove SCSI host only if added

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

CVE-2024-46843 scsi: ufs: core: Remove SCSI host only if added

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...