CVE-2023-52921 drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpucspass1 Since the gangsize check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang @VAR10CK of Baidu Security...

kernel security update

5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

CVE-2024-34729

In multiple locations, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

kernel: PM / devfreq: Fix buffer overflow in trans_stat_show

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert simple snprintf to the more secure scnprintf with size of PAGESIZE. Add condition checking if we are exceeding PAGESIZE and exit ear...

kernel: lz4: fix LZ4_decompress_safe_partial read out of bound

In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...

kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment

A flaw was found in the Linux kernel's mlx5 InfiniBand driver. Certain scenarios could lead to a use-after-free issue, potentially allowing an attacker to escalate their privileges or affect system integrity or stability...

kernel: dyndbg: fix old BUG_ON in >control parser

In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUGON in control parser The Linux kernel CVE team has assigned CVE-2024-35947 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051952-CVE-2024-35947-09bb@gregkh/T...

kernel: drm/radeon: fix UBSAN warning in kv_dpm.c

A vulnerability was found in the Linux kernel's DRM/Radeon driver, specifically in the sumovidmappingentry within the kvdpm.c file. Insufficient bounds checking can lead to memory corruption...

CVE-2024-50261 macsec: Fix use-after-free while sending the offloading packet

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...

CVE-2024-50223

CVE-2024-50223: In Linux kernel sched/numa, a potential null pointer dereference in task_numa_work() could occur when a stress scenario unmapped a child address space, causing vma_next() to return NULL. The backtrace shows dereferencing a NULL vma in vma_migratable, leading to a crash. Root cause...

bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()

...

SUSE CVE-2024-50162

In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPFMAPTYPEDEVMAP does not have it set. This is...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2815)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : vsock/virtio: free queued packets when closing socketCVE-2021-47024 KVM: PPC: Fix kvmarchvcpuioctl vcpuload leakCVE-2021-47296 kernel:RDMA/cma:...

CVE-2024-50150 usb: typec: altmode should keep reference to parent

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...

CVE-2024-50124 Bluetooth: ISO: Fix UAF on iso_sock_timeout

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on isosocktimeout conn-sk maybe have been unlinked/freed while waiting for isoconnlock so this checks if the conn-sk is still valid by checking if it part of isosklist...

LSN-0107-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

LSN-0107-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

SUSE SLES15 Security Update : kernel (Live Patch 45 for SLE 15 SP3) (SUSE-SU-2024:3774-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3774-1 advisory. This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2021-47598: schcake: ...