4827 matches found
CVE-2023-52787 blk-mq: make sure active queue usage is held for bio_integrity_prep()
In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for biointegrityprep blkintegrityunregister can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling...
CVE-2023-52784
In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...
CVE-2023-52783 net: wangxun: fix kernel panic due to null pointer
In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wxswinit returns before the memory of 'wx-mactable' is allocated. The null pointer will causes the kernel panic...
CVE-2023-52783 net: wangxun: fix kernel panic due to null pointer
In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wxswinit returns before the memory of 'wx-mactable' is allocated. The null pointer will causes the kernel panic...
CVE-2023-52783 net: wangxun: fix kernel panic due to null pointer
In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wxswinit returns before the memory of 'wx-mactable' is allocated. The null pointer will causes the kernel panic...
CVE-2023-52783
In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wxswinit returns before the memory of 'wx-mactable' is allocated. The null pointer will causes the kernel panic...
CVE-2023-52783
CVE-2023-52783 affects the Linux kernel and fixes a local kernel-panic scenario in the net/wangxun path. When a device uses a custom subsystem vendor ID, wx_sw_init() may return before wx->mac_table is allocated, causing a NULL pointer dereference and a kernel panic. The connected documents co...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774 s390/dasd: protect device queue against concurrent access
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774
CVE-2023-52774 : In the Linux kernel (s390/dasd), the device queue could be accessed concurrently in dasd_profile_start(), allowing the queue to change while it is being read; this could trigger a kernel panic due to invalid pointer accesses when I/O is highly parallel (aliases). The root cause i...
CVE-2023-52763 i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.
In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before the I3C bus initialization. In this flow, the DAT allocentry will be used before the DAT init...
CVE-2023-52763
In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before the I3C bus initialization. In this flow, the DAT allocentry will be used before the DAT init...
CVE-2023-52763 i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.
In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DATdata. The i3cmasterbusinit function may attach the I2C devices before the I3C bus initialization. In this flow, the DAT allocentry will be used before the DAT init...
CVE-2023-52761
CVE-2023-52761 : In the Linux kernel, the riscv VMAP_STACK overflow detection patch (commit 31da94c25aea) adds CONFIG_VMAP_STACK support and fixes a race where two CPUs could overflow the kernel stack and corrupt each other. The changes introduce a per-CPU overflow stack lookup (via an asm macro)...
CVE-2023-52759
CVE-2023-52759 is rejected/withdrawn and does not represent an active vulnerability entry.
DEBIAN-CVE-2021-47412
In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on request based driver, so: 1 rqqosdonebio needn't to be called for bio based driver 2 rqqosdonebio needn't to be called for bio which...
CVE-2021-47412
In the Linux kernel, the following vulnerability has been resolved: block: don't call rqqosops-donebio if the bio isn't tracked rqqos framework is only applied on request based driver, so: 1 rqqosdonebio needn't to be called for bio based driver 2 rqqosdonebio needn't to be called for bio which...
CVE-2021-47299
In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpfxdplinkrelease The problem occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. Then xdp link will not be detached automatically when dev is released. But...
CVE-2021-47266
In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 "RDMA/ipoib: Set rtnllinkops for ipoib interfaces", if the IPoIB device is moved to non-initial netns, destroying that netns lets the...
DEBIAN-CVE-2021-47272
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...