CVE-2024-26946 kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address

In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copyfromkernelnofault to read from unsafe address Read from an unsafe address with copyfromkernelnofault in archadjustkprobeaddr because this function is used before checking the address is in text or not...

CVE-2024-26946

CVE-2024-26946: In the Linux kernel, the vulnerability resides in kprobes/x86 where arch_adjust_kprobe_addr() could read from an unsafe address. The fix switches the read to copy_from_kernel_nofault() to prevent kernel panics when data is inaccessible, as Syzcaller reported. Public details confir...

CVE-2024-26946

In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copyfromkernelnofault to read from unsafe address Read from an unsafe address with copyfromkernelnofault in archadjustkprobeaddr because this function is used before checking the address is in text or not...

CVE-2024-26942 net: phy: qcom: at803x: fix kernel panic with at8031_probe

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe On reworking and splitting the at803x driver, in splitting function of at803x PHYs it was added a NULL dereference bug where priv is referenced before it's actually...

CVE-2024-26942 net: phy: qcom: at803x: fix kernel panic with at8031_probe

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe On reworking and splitting the at803x driver, in splitting function of at803x PHYs it was added a NULL dereference bug where priv is referenced before it's actually...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability. Attackers have exploited the vulnerability to cause a kernel panic...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability. Attackers have exploited the vulnerability to cause a kernel panic...

PT-2024-21626 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from the function wq update node max active incorrectly calling cpumask test cpu with -1 CPU, leading to kernel panics on some architectures. This occurs when @off cpu...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability. Attackers have exploited the vulnerability to cause a kernel panic...

kernel: Linux kernel Bluetooth: Denial of Service via race condition in hidp_session_thread

A flaw was found in the Linux kernel's Bluetooth subsystem. A race condition in the hidpsessionthread can lead to a use-after-free vulnerability. This occurs when a timer is active while its deletion function is called, causing memory to be accessed after it has been freed. A local attacker could...

kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service

A flaw was found in the Linux kernel's Virtual Extensible LAN VXLAN implementation. An attacker with elevated privileges CAPNETADMIN can exploit this vulnerability by configuring the system to accept and forward VXLAN packets. The issue arises from an incorrect nexthop hash size, where a 32-bit...

kernel: ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline

In the Linux kernel, the following vulnerability has been resolved: ext4: fix delayed allocation bug in ext4clumapped for bigalloc + inline When converting files with inline data to extents, delayed allocations made on a file system created with both the bigalloc and inline options can result in...

kernel: igc: Fix Kernel Panic during ndo_tx_timeout callback

A race condition was identified in the Intel “igc” network driver in the Linux kernel. Under specific heavy traffic and timing scenarios, such as when the transmit queue times out ndotxtimeout and the adapter reset path is invoked concurrently with device teardown or reinitialization, the driver...

kernel: Linux kernel: Denial of Service in RDMA/bnxt_re driver due to race condition during QP destruction

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA bnxtre driver. A local user could exploit a race condition that occurs when a Queue Pair QP is destroyed, but completion queue CQ polling continues. This can lead to a kernel panic, resulting in a Denial of Service DoS on the...

kernel: ixgbe: Fix panic during XDP_TX with > 64 CPUs

A flaw was found in the Linux kernel's ixgbe network driver. On systems with more than 64 CPUs, XDPTX operations can cause a kernel panic due to an array-index-out-of-bounds access. The ixgbexdplockingkey variable can be incorrectly decremented to zero during ring reconfiguration, causing the...

kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...

kernel: Linux kernel: Denial of Service in DRM scheduler due to improper work queue handling

A flaw was found in the Linux kernel's Direct Rendering Manager DRM scheduler. A local attacker with low privileges could exploit this vulnerability by triggering a GPU reset test. This improper handling of the scheduler work queue can lead to a kernel panic, which is a system crash, resulting in...

kernel: USB: Gadget: core: Help prevent panic during UVC unconfigure

A deadlock flaw was found in the Linux kernel's USB Gadget subsystem in the driver unbind path. A local privileged user can trigger this issue by removing a UVC gadget driver from a gadget configuration, causing the unbind callback to call usbgadgetdeactivate while the caller holds the connectloc...

CVE-2022-48638

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...

DEBIAN-CVE-2022-48638

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...