CVE-2024-46843

CVE-2024-46843 concerns the Linux kernel SCSI/UFS path. The issue arises when removing the ufshcd driver from a UFS device, potentially causing a kernel panic if ufshcd_async_scan fails during ufshcd_probe_hba before a SCSI host is added. The fix is to guarantee the SCSI host is removed only if i...

CVE-2024-46823 kunit/overflow: Fix UB in overflow_allocation_test

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflowallocationtest The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from...

CVE-2024-46823

CVE-2024-46823 is a Linux kernel issue resolved by removing a locally scoped device_name array used as a driver name in kunit_device_register, which caused a KASAN-enabled kernel panic. The fix passes the device name directly into kunit_device_register as an ASCII string, addressing an out-of-sco...

CVE-2024-46823 kunit/overflow: Fix UB in overflow_allocation_test

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflowallocationtest The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from...

CVE-2024-46823 kunit/overflow: Fix UB in overflow_allocation_test

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflowallocationtest The 'devicename' array doesn't exist out of the 'overflowallocationtest' function scope. However, it is being used as a driver name when calling 'kunitdrivercreate' from...

PT-2024-33787

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the net/ncsi component. The issue arises when the work function is not disabled before freeing the associated...

kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

A flaw was found in the Linux kernel’s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service...

kernel: event code falling outside of a bitmap in input_set_capability() leads to panic

A vulnerability was found in drivers/input/input.c in the Linux Kernel, where the inputsetcapability function mishandles scenarios where an event code is outside the bitmap. This issue can lead to a kernel panic when the event code exceeds the bitmap for the specified event type, which could allo...

kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station

A vulnerability was found in the Linux kernel in wifi driver in cfg80211getstation function, where the wiphy was not locked before calling rdevgetstation, which lead to a NULL pointer dereference when a station disconnects and reconnects during a work queue operation, resulting in a kernel panic...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

kernel: netns: Make get_net_ns() handle zero refcount net

A vulnerability was found in the Linux kernel's netns in the getnetns function. This vulnerability occurs when a network namespace reference count is zero, leading to a use-after-free condition that can trigger a kernel panic...

kernel: block: don't call rq_qos_ops->done_bio if the bio isn't tracked

A vulnerability was found in the Linux kernel, where improper handling of block I/O requests when a block I/O request bio is not tracked, the kernel erroneously calls the rqqosops-donebio function, potentially leading to use-after-free issues. This situation can occurr when the request queue is...

kernel: perf/x86/lbr: Filter vsyscall addresses

In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted NMI for perf sampling, this call sequence can occur most recent at top:...

kernel: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory

A flaw was found in the Linux kernel in which certain cgroup configurations could cause a kernel panic, resulting in a Denial of Service...

kernel: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory

A flaw was found in the Linux kernel in which certain cgroup configurations could cause a kernel panic, resulting in a Denial of Service...

kernel: event code falling outside of a bitmap in input_set_capability() leads to panic

A vulnerability was found in drivers/input/input.c in the Linux Kernel, where the inputsetcapability function mishandles scenarios where an event code is outside the bitmap. This issue can lead to a kernel panic when the event code exceeds the bitmap for the specified event type, which could allo...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

kernel: netns: Make get_net_ns() handle zero refcount net

A vulnerability was found in the Linux kernel's netns in the getnetns function. This vulnerability occurs when a network namespace reference count is zero, leading to a use-after-free condition that can trigger a kernel panic...

kernel: block: don't call rq_qos_ops->done_bio if the bio isn't tracked

A vulnerability was found in the Linux kernel, where improper handling of block I/O requests when a block I/O request bio is not tracked, the kernel erroneously calls the rqqosops-donebio function, potentially leading to use-after-free issues. This situation can occurr when the request queue is...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...