
6589 matches found

OSV
added 2024/11/09 11:15 a.m. · 1 views

DEBIAN-CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). Condensed report follows:...

CVSS 7.8 · AI score 6.2 · EPSS 0.00031
Exploits 0 · References 1

OSV
added 2024/11/09 11:15 a.m. · 1 views

UBUNTU-CVE-2024-50236

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...

CVSS 5.5 · AI score 6.2 · EPSS 0.00012
Exploits 0 · References 48

OSV
added 2024/11/09 11:15 a.m. · 3 views

UBUNTU-CVE-2024-50221

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). Condensed report follows:...

CVSS 7.8 · AI score 6.4 · EPSS 0.00031
Exploits 0 · References 17

OSV
added 2024/11/09 10:14 a.m. · 14 views

CVE-2024-50221 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). Condensed report follows:...

CVSS 7.8 · AI score 7 · EPSS 0.00031
Exploits 0 · References 6

CNNVD
added 2024/11/09 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds write to kernel memory...

CVSS 7.8 · AI score 7.8 · EPSS 0.00031
Exploits 0 · References 2

OSV
added 2024/11/07 10:15 a.m. · 0 views

DEBIAN-CVE-2024-50165

In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param->string will be leaked as shown below:...

CVSS 5.5 · AI score 4.8 · EPSS 0.00037
Exploits 0 · References 1

OSV
added 2024/11/07 10:15 a.m. · 4 views

AZL-53349 CVE-2024-50143 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug [1]. After applying the patch reproducer did not trigger any...

CVSS 7.8 · AI score 6.8 · EPSS 0.00013
Exploits 0 · References 1

OSV
added 2024/11/07 10:15 a.m. · 1 views

UBUNTU-CVE-2024-50172

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the memory allocated for "rdev->chip_ctx"...

CVSS 5.5 · AI score 6.6 · EPSS 0.00029
Exploits 0 · References 18

OSV
added 2024/11/07 10:15 a.m. · 0 views

UBUNTU-CVE-2024-50143

In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug [1]. After applying the patch reproducer did not trigger any...

CVSS 7.8 · AI score 6.5 · EPSS 0.00013
Exploits 0 · References 45

VulnCheck KEV
added 2024/11/07 12:0 a.m. · 0 views

VulnCheck KEV: CVE-2024-50302

The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report...

CVSS 5.5 · AI score 6.8 · EPSS 0.02559
Exploits 0 · References 1

BDU FSTEC
added 2024/11/06 12:0 a.m. · 1 views

The vulnerability of the hugetlb_fault() function in the Linux kernel’s memory management subsystem allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the hugetlb_fault() function in the mm/hugetlb.c module of the Linux kernel’s memory management subsystem is related to the repeated use of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVSS 7.8 · AI score 7.4 · EPSS 0.0002
Exploits 0 · References 9 · Affected Software 1

OSV
added 2024/11/05 6:15 p.m. · 0 views

UBUNTU-CVE-2024-50110

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in copytoiter+0x598/0x2a30 copytoiter+0x598/0x2a30 skbdatagramiter+0x168/0x1060...

CVSS 5.5 · AI score 6.1 · EPSS 0.00008
Exploits 0 · References 34

RedHat Linux
added 2024/11/05 12:54 a.m. · 2 views

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by bio_integrity_prep uses plain kmalloc, which leads to random kernel memory being written. Protection Information (PI) metadata is limited to the app tag not used by...

CVSS 5.5 · AI score 6.8 · EPSS 0.00021
Exploits 0 · References 5

BDU FSTEC
added 2024/11/01 12:0 a.m. · 1 views

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers, related to memory release errors, allows an attacker to gain access to the kernel’s stack memory and dynamic memory.

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers is related to memory release errors. Exploiting this vulnerability can allow an attacker to gain access to kernel memory from the stack and dynamic memory...

CVSS 6.1 · AI score 7.6 · EPSS 0.02797
Exploits 1 · References 7 · Affected Software 2

BDU FSTEC
added 2024/11/01 12:0 a.m. · 2 views

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers arises from writing beyond the buffer boundaries in memory. This allows an attacker to write data into the kernel memory beyond the system buffer IRP.

The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to write data into the kernel’s memory beyond the boundaries of the system buffer...

CVSS 7.8 · AI score 5.7 · EPSS 0.00191
Exploits 0 · References 7 · Affected Software 2

BDU FSTEC
added 2024/11/01 12:0 a.m. · 1 views

The vulnerability of the RtsPer.sys driver in Realtek’s SD card readers relates to writing beyond the buffer boundaries in memory. This allows an attacker to write data into the kernel memory beyond the boundaries of the system buffer.

The vulnerability of the RtsPer.sys driver in Realtek’s SD card readers is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to write data into the kernel memory beyond the system buffer limits...

CVSS 7.8 · AI score 5.7 · EPSS 0.00127
Exploits 0 · References 4 · Affected Software 1

RedHat Linux
added 2024/10/30 1:41 a.m. · 2 views

kernel: block: initialize integrity buffer to zero before writing it to media

A flaw was found in the Linux kernel, where it initialized the integrity buffer to zero before writing it to media. Metadata added by bio_integrity_prep uses plain kmalloc, which leads to random kernel memory being written. Protection Information (PI) metadata is limited to the app tag not used by...

CVSS 5.5 · AI score 6.8 · EPSS 0.00021
Exploits 0 · References 5

OSV
added 2024/10/29 1:15 a.m. · 1 views

DEBIAN-CVE-2024-50087

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix uninitialized pointer free on read_alloc_one_name() error The function read_alloc_one_name() does not initialize the name field of the passed fscrypt_str struct if kmalloc fails to allocate the corresponding buffer. Thus, it is n...

CVSS 5.5 · AI score 5.7 · EPSS 0.00029
Exploits 0 · References 1

BDU FSTEC
added 2024/10/29 12:0 a.m. · 1 views

The vulnerabilities of the crst_table_free() and base_crst_free() functions in the Linux kernel’s memory management subsystem on the s390 platform allow a hacker to trigger a service failure.

The vulnerability of the functions crst_table_free() and base_crst_free() in the arch/s390/mm/pgalloc.c file, belonging to the memory management subsystem of the Linux operating system on the s390 platform, is related to the assignment of a null pointer. Exploiting this vulnerability could allow an...

CVSS 5.5 · AI score 6.5 · EPSS 0.00033
Exploits 0 · References 15 · Affected Software 4

Positive Technologies
added 2024/10/29 12:0 a.m. · 3 views

PT-2024-28419 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue allows the caller to specify an arbitrary size using the ctl persistent reserve out command, which will be passed to the kernel's memory allocator. This could potentially lead to...

CVSS 5.3 · AI score 7.1 · EPSS 0.00135
Exploits 0 · References 10