764 matches found
OESA-2024-2030 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from sndgf1dmanextblock could be null, so there is a potential null pointer...
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption
A kernel stack flaw that corrupted the Linux kernel’s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists ACLs. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Kernel: stack overflow problem in open vswitch kernel module leading to dos
...
CVE-2024-38575
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
CVE-2024-38575
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
CVE-2024-38575 wifi: brcmfmac: pcie: handle randbuf allocation failure
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
CVE-2024-38575 wifi: brcmfmac: pcie: handle randbuf allocation failure
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. As a result, if we use getrandombytes to generate random bytes in the randbuf, t...
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption
A kernel stack flaw that corrupted the Linux kernel’s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists ACLs. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2023-52700
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...
CVE-2023-52761 riscv: VMAP_STACK overflow detection thread-safe
In the Linux kernel, the following vulnerability has been resolved: riscv: VMAPSTACK overflow detection thread-safe commit 31da94c25aea "riscv: add VMAPSTACK overflow detection" added support for CONFIGVMAPSTACK. If overflow is detected, CPU switches to shadowstack temporarily before switching...
DEBIAN-CVE-2021-47255
In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...
CVE-2021-47255
In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...
UBUNTU-CVE-2021-47255
In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...
CVE-2021-47339 media: v4l2-core: explicitly clear ioctl input data
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers...
CVE-2021-47255
In CVE-2021-47255, the Linux kernel vulnerability affects KVM LAPIC: a read access path in kvm_lapic_reg_read could touch bytes 4–15 of an APIC register, risking leakage of kernel stack contents. The issue was resolved by restoring a guard removed in a prior commit and aligning with the SDM requi...
CVE-2021-47255 kvm: LAPIC: Restore guard to prevent illegal APIC register access
In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...
CVE-2021-47255 kvm: LAPIC: Restore guard to prevent illegal APIC register access
In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...
PT-2024-14697 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a kernel warning that occurs when sending a SYN message. The warning is caused by a lack of copy direction from the iterator viewpoint, which leads to a kernel...
CVE-2024-35893
In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: prevent kernel-infoleak syzbot found that tcfskbmoddump was copying four bytes from kernel stack to user space 1. The issue here is that 'struct tcskbmod' has a four bytes hole. We need to clear the structur...
kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption
A kernel stack flaw that corrupted the Linux kernel’s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists ACLs. This flaw allows a local user to crash or potentially escalate their privileges on the system...