CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axgclkregmaps Some clocks were missing from axgclkregmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clksummary 57.349402 Unable to handle kernel NULL pointer dereference at...

SUSE CVE-2024-26707

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARNONCE in sendhsrsupervisionframe Syzkaller reported 1 hitting a warning after failing to allocate resources for skb in hsrinitskb. Since a WARNONCE call will not help much in this case, it might be prudent to...

CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...

DEBIAN-CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...

UBUNTU-CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...

CVE-2024-26707 net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARNONCE in sendhsrsupervisionframe Syzkaller reported 1 hitting a warning after failing to allocate resources for skb in hsrinitskb. Since a WARNONCE call will not help much in this case, it might be prudent to...

AZL-56816 CVE-2023-52488 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent $00, followed by all the FIFO data without having to...

BIT-TENSORFLOW-2022-35999 `CHECK` fail in `Conv2DBackpropInput` in TensorFlow

TensorFlow is an open source platform for machine learning. When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2021-47039

In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of bounds in doformat The function uses "type" as an array index: q = unitdrive.disktype-queue; Unfortunately the bounds check on "type" isn't done until later in the function. Fix this by moving the bounds...

CVE-2024-24859

A race condition was found in the Linux kernel's net/bluetooth in sniffmin,maxintervalset function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service...

CVE-2023-52340

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c maxsize threshold that can be consumed easily, e.g., leading to a denial of service network is unreachable errors when IPv6 packets are sent in a loop via a raw socket...

AZL-34029 CVE-2023-6200 affecting package kernel for versions less than 5.15.153.1-1

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution...

Information disclosure

For migration as well as to work around kernels unaware of L1TF see XSA-273, PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly the respective shadow page tables. For 64-bit PV guests this means running on th...

AZL-32264 CVE-2023-6931 affecting package kernel for versions less than 5.15.143.1-1

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perfevent's readsize can overflow, leading to an heap out-of-bounds increment or write in perfreadgroup. We recommend upgrading past commit...

CVE-2023-6931

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perfevent's readsize can overflow, leading to an heap out-of-bounds increment or write in perfreadgroup. We recommend upgrading past commit...

[Important] [Security] Virtuozzo ReadyKernel Patch 164.1 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2023-32233 3.10.0-1160.53.1.vz7.185.3 to 3.10.0-1160.90.1.vz7.200.7 Fixed a use-after-free vulnerability that occurred if...

Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1725 Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability November 14, 2023 CVE Number CVE-2023-24585 SUMMARY An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafte...

CVE-2023-4610

Rejected reason: The SRCU code was added in upstream kernel v6.4-rc1 and removed before v6.4. This bug only existed in development kernels. Please see https://lore.kernel.org/all/[email protected] and https://bugzilla.suse.com/showbug.cgi?id=1215932 for more information...

UBUNTU-CVE-2023-4610

Rejected reason: The SRCU code was added in upstream kernel v6.4-rc1 and removed before v6.4. This bug only existed in development kernels. Please see https://lore.kernel.org/all/[email protected] and https://bugzilla.suse.com/showbug.cgi?id=1215932 for more information...

SUSE CVE-2023-4610

The SRCU code was added in upstream kernel v6.4-rc1 and removed before v6.4. This bug only existed in development kernels. Please see https://lore.kernel.org/all/[email protected] and https://bugzilla.suse.com/showbug.cgi?id=1215932 for more information...