SUSE CVE-2021-47173

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720probe uss720probe forgets to decrease the refcount of usbdev in uss720probe. Fix this by decreasing the refcount of usbdev by usbputdev. BUG: memory leak unreferenced object 0xffff88810111380...

UBUNTU-CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

PT-2024-14655 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc7+ Description: The Linux kernel has a vulnerability in the drivers/thermal/loongson2 thermal module. The issue arises from an incorrect judgment of PTR ERR, which returns -ENODEV when thermal-zones are...

UBUNTU-CVE-2021-47117

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4escacheextent as ext4splitextentat failed We got follow bugon when run fsstress with injecting IO fault: 130747.323114 kernel BUG at fs/ext4/extentsstatus.c:762! 130747.323117 Internal error: Oops - BUG: 0...

A patched Windows attack surface is still exploitable

On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege EoP, which allows an account with user rights to gain SYSTEM privileges on a vulnerable host. The root cause of th...

CVE-2024-26608

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbdnlpolicy Similar to a reported issue check the commit b33fb5b801c6 "net: qualcomm: rmnet: fix global oob in rmnetpolicy", my local fuzzer finds another global out-of-bounds read for policy...

SUSE CVE-2021-47077

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add pointer checks in qedfupdatelinkspeed The following trace was observed: 14.042059 Call Trace: 14.042061 14.042068 qedflinkupdate+0x144/0x1f0 qedf 14.042117 qedlinkupdate+0x5c/0x80 qed 14.042135...

SUSE CVE-2024-26622

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...

DEBIAN-CVE-2023-52504

In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in applyalternatives Fei has reported that KASAN triggers during applyalternatives on a 5-level paging machine: BUG: KASAN: out-of-bounds in rcuiswatching Read of size 4 at addr ff110003ee6419a0 by...

CVE-2023-52566 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfsgccachesubmitreaddata In nilfsgccachesubmitreaddata, brelsebh is called to drop the reference count of bh when the call to nilfsdattranslate fails. If the reference count hits 0 and it...

UBUNTU-CVE-2021-46999

In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctpsfdodupcooka There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...

SUSE CVE-2021-46927

In the Linux kernel, the following vulnerability has been resolved: nitroenclaves: Use getuserpagesunlocked call to handle mmap assert After commit 5b78ed24e8ec "mm/pagemap: add mmapassertlocked annotations to findvma", the call to getuserpages will trigger the mmap assert. static inline void...

SUSE CVE-2021-46928

In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 Instruction access rights occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this...

DEBIAN-CVE-2021-46929

In the Linux kernel, the following vulnerability has been resolved: sctp: use callrcu to free endpoint This patch is to delay the endpoint free by calling callrcu to fix another use-after-free issue in sctpsockdump: BUG: KASAN: use-after-free in lockacquire+0x36d9/0x4c20 Call Trace:...

UBUNTU-CVE-2021-46928

In the Linux kernel, the following vulnerability has been resolved: parisc: Clear stale IIR value on instruction access rights trap When a trap 7 Instruction access rights occurs, this means the CPU couldn't execute an instruction due to missing execute permissions on the memory region. In this...

DEBIAN-CVE-2020-36775

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fstrylockop in f2fswritecompressedpages to avoid potential deadlock like we did in f2fswritesingledatapage...

CVE-2023-51042 affecting package kernel for versions less than 5.15.148.1-1

CVE-2023-51042 affecting package kernel for versions less than 5.15.148.1-1. A patched version of the package is available...

PT-2024-21507 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc2+ Description: The issue is related to the LoongArch architecture in the Linux kernel. When the hardware platform has more than 64 CPUs, the system will crash due to an array overflow when parsing the...

Important: kernel

Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in...

kernel: sctp: check send stream number after wait_for_sndbuf

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...