454 matches found
CVE-2021-46925
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smcsock A crash occurs when smccdctxhandler tries to access smcsock but smcrelease has already freed it. 4570.695099 BUG: unable to handle page fault for address: 000000002eae9e88...
CVE-2023-52440 ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...
SUSE-SU-2023:4136-1 Security update for suse-module-tools
This update for suse-module-tools fixes the following issues: - Update to version 15.5.3: - CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module bsc1210335. - CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules bsc1205767, jscPED-5731...
kernel: md/raid1: stop mdx_raid1 thread when raid1 array run failed
In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...
kernel: dm thin: Fix UAF in run_timer_softirq()
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...
kernel: nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...
kernel: sock: redo the psock vs ULP protection check
In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 "sock: Introduce sk-skprot-psockupdateskprot" has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function. I'm guessing that this was...
kernel: ext4: fix use-after-free in ext4_rename_dir_prepare
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in ext4renamedirprepare We got issue as follows: EXT4-fs loop0: mounted filesystem without journal. Opts: ,errors=continue ext4getfirstdirblock: bh-bdata=0xffff88810bee6000 len=34478 ext4getfirstdirblock:...
kernel: dm: fix use-after-free in dm_cleanup_zoned_dev()
In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dmcleanupzoneddev dmcleanupzoneddev uses queue, so it must be called before blkcleanupdisk starts its killing: blkcleanupdisk-blkcleanupqueue-kobjectput-blkreleasequeue-...
kernel: sfc: fix use after free when disabling sriov
In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...
kernel: dm: fix mempool NULL pointer race when completing IO
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
USN-3249-2: Linux kernel (Xenial HWE) vulnerability
USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel...
Fedora Core 1 : kernel-2.4.22-1.2129.nptl (2003-026)
The kernel shipped with Fedora Core 1 was vulnerable to a bug in the error return on a concurrent fork with threaded exit which could be exploited by a user level program to crash the kernel. In addition to this bug fix, the changelog below details various other non-security fixes that have been...
[SECURITY] [DSA 466-1] New Linux 2.2.10 packages fix local root exploit (powerpc/apus)
-------------------------------------------------------------------------- Debian Security Advisory DSA 466-1 [email protected] http://www.debian.org/security/ Martin Schulze March 18th, 2004 http://www.debian.org/security/faq -...