CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

CVE-2024-42271

In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...

UBUNTU-CVE-2024-42297

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

UBUNTU-CVE-2024-42266

In the Linux kernel, the following vulnerability has been resolved: btrfs: make cowfilerangeinline honor lockedpage on error The btrfs buffered write path runs through extentwritepage which has some tricky return value handling for writepagedelalloc. Specifically, when that returns 1, we exit, bu...

CVE-2024-42305 ext4: check dot and dotdot of dx_root before making dir indexed

In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dxroot before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...

CVE-2024-42301 dev/parport: fix the array out-of-bounds risk

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

CVE-2024-42297

CVE-2024-42297 concerns a Linux kernel f2fs issue where inodes are marked dirty during operations on a readonly filesystem, triggering a kernel panic during unmount. Root cause chain: do_sys_open -> f2fs_lookup -> __f2fs_find_entry -> f2fs_i_depth_write -> f2fs_mark_inode_dirty_sync -...

CVE-2024-42297 f2fs: fix to don't dirty inode for readonly filesystem

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42297 f2fs: fix to don't dirty inode for readonly filesystem

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't dirty inode for readonly filesystem syzbot reports f2fs bug as below: kernel BUG at fs/f2fs/inode.c:933! RIP: 0010:f2fsevictinode+0x1576/0x1590 fs/f2fs/inode.c:933 Call Trace: evict+0x2a4/0x620 fs/inode.c:664...

CVE-2024-42271 net/iucv: fix use after free in iucv_sock_close()

In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...

kernel: netns: Make get_net_ns() handle zero refcount net

A vulnerability was found in the Linux kernel's netns in the getnetns function. This vulnerability occurs when a network namespace reference count is zero, leading to a use-after-free condition that can trigger a kernel panic...

kernel: efi: fix panic in kdump kernel

In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel The Linux kernel CVE team has assigned CVE-2024-35800 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35800-219a@gregkh/T...

PT-2024-32225

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the 'device name' array in the 'overflow allocation test' function scope. This array is being used as a driver name when calling 'kunit driver create' from 'kunit...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

PT-2024-6979 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free panic in the mtk wed setup tc block cb function. When there are multiple ap interfaces on one band and with WED on, turning the interface down...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-39474)

"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39474 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may retur...

CVE-2024-42083

...

CVE-2024-42252

In the Linux kernel, the following vulnerability has been resolved: closures: Change BUGON to WARNON If a BUGON can be hit in the wild, it shouldn't be a BUGON For reference, this has popped up once in the CI, and we'll need more info to debug it: 03240 ------------ cut here ------------ 03240...

kernel: stmmac: Clear variable when destroying workqueue

A vulnerability was found in the stmmac ethernet driver of the Linux kernel, where a workqueue variable was not cleared after being destroyed. This issue could lead to kernel panics if the code later attempted to access or destroy the already-freed workqueue...