CVE-2024-41098 ata: libata-core: Fix null pointer dereference on error

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...

AZL-43393 CVE-2024-41010 affecting package kernel for versions less than 6.6.43.1-7

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcxentry Pedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported an issue that the tcxentry can be released too early leading to a use after free UAF when an active old-style...

CVE-2024-26933 affecting package kernel for versions less than 5.15.160.1-1

CVE-2024-26933 affecting package kernel for versions less than 5.15.160.1-1. A patched version of the package is available...

PT-2024-29211

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43 Description The issue is related to the ksmbd component in the Linux kernel, where the may open function does not allow a directory to be opened with write access. However, some writing flags set by the...

AZL-69515 CVE-2024-38595 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix peer devlink set for SF representor devlink port The cited patch change register devlink flow, and neglect to reflect the changes for peer devlink set logic. Peer devlink set is triggering a call trace if done after...

AZL-42444 CVE-2024-36901 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

CVE-2023-52855

CVE-2023-52855: Linux kernel USB-DWC2 driver race condition. When _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() run concurrently, urb->hcpriv can be NULL-checked before urb->hcpriv is assigned NULL, enabling a NULL dereference in dwc2_hcd_urb_dequeue. The connected documents confirm t...

CVE-2021-47259

CVE-2021-47259 is a Linux kernel use-after-free in NFS: nfs4_init_client. Public docs confirm KASAN-detected UAF when mounting two exports via two NICs on the same server; affected kernels include around 5.7–5.10 with the root cause linked to refcounting changes. The connected Astra/Unity/EulerOS...

AZL-59566 CVE-2024-35865 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2isvalidoplockbreak Skip sessions that are being teared down status == SESEXITING to avoid UAF...

AZL-54687 CVE-2024-35864 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2isvalidleasebreak Skip sessions that are being teared down status == SESEXITING to avoid UAF...

AZL-62750 CVE-2023-52656 affecting package kernel for versions less than 6.6.96.2-1

In the Linux kernel, the following vulnerability has been resolved: iouring: drop any code related to SCMRIGHTS This is dead code after we dropped support for passing iouring fds over SCMRIGHTS, get rid of it...

PT-2024-28075

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0-rc6 Description The issue arises from the reinitialization of the whole EST structure, which resets the mutex lock embedded in the EST structure and triggers a warning. To address this, the lock is moved to...

CVE-2022-48692

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd-result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereference which is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereference, address:...

AZL-59595 CVE-2023-52653 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gssimportv2context The ctx-mechused.data allocated by kmemdup is not freed in neither gssimportv2context nor it only caller gsskrb5importseccontext, which frees ctx on error. Thus, this patch reform the...

AZL-40509 CVE-2024-26953 affecting package hyperv-daemons for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are supposed to be released back to the system through putpage. But if t...

CVE-2024-26932

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix double-free issue in tcpmportunregisterpd When unregister pd capabilitie in tcpm, KASAN will capture below double -free issue. The root cause is the same capabilitiy will be kfreed twice, the first time is...

PT-2024-7191

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.8 Description The issue is related to a negative array index read in the Linux kernel, specifically in the drm/amd/pm module. The problem arises from using negative values for clk idex as an index into an...

PT-2025-18904 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version that includes the fix for the race condition between unloading and reloading kernel modules. Description: A race condition in the Linux kernel has been resolved. The issue was caused by a bug...

PT-2024-4121

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37 Description The issue is related to the erofs kill sb function in the Linux kernel, which can lead to an attempt to free an anon dev that has never been allocated when CONFIG EROFS FS ONDEMAND is enabled...

PT-2024-14773

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the MediaTek vcodec driver in the Linux kernel. The mtk vcodec mem free function is mostly called when the buffer to free exists, but there are instances where th...