239 matches found
CVE-2024-36907
...
CVE-2024-36884 iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault()
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidiasmmucontextfault This was missed because of the function pointer indirection. nvidiasmmucontextfault is also installed as a irq function, and the 'void ' was changed to a struct...
CVE-2021-47535
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 "drm/msm/a6xx: fix crashstate capture for A650" we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we didn't change the memory...
CVE-2021-47535
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 "drm/msm/a6xx: fix crashstate capture for A650" we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we didn't change the memory...
SUSE CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337
A vulnerability was found in the Linux kernel's SCSI subsystem. The issue occurs when the system tries to stop an error handler thread that failed to start; if the thread fails to spawn, the kernel may dereference a bad pointer, leading to potential system crash. Mitigation Red Hat has investigat...
CVE-2021-47497 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...
CVE-2023-52842
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtiotransportrecvpkt KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in virtiotransportrecvpkt+0x1dfb/0x26...
CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
UBUNTU-CVE-2021-47337
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337 scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2021-47337
The CVE-2021-47337 issue is in the Linux kernel SCSI core path: when an error arises during scsi_host_alloc() and the error-handling ehandler thread fails to spawn, shost->ehandler may be set to ERR_PTR(-ENOMEM) and scsi_host_dev_release() would call kthread_stop() on a NULL/invalid pointer, r...
CVE-2021-47337 scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...
CVE-2024-35971
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851irq thread may call ks8851rxpkts in case there are any packets in the MAC FIFO, which calls netifrx. This netifrx implementation is guarded by...
CVE-2024-35971
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Handle softirqs at the end of IRQ thread to fix hang The ks8851irq thread may call ks8851rxpkts in case there are any packets in the MAC FIFO, which calls netifrx. This netifrx implementation is guarded by...
CVE-2024-36007
CVE-2024-36007 involves a Linux kernel flaw in the Mellanox mlxsw spectrum ACL TCAM rehash machinery. The issue stemmed from markers (chunk/entry) used to resume a delayed rehash when credits run out. On error, only the chunk marker was reset, leaving entry markers relative to the chunk, which co...
CVE-2024-35929 rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()
In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARNONONCE in the rcunocbbypasslock For the kernels built with CONFIGRCUNOCBCPUDEFAULTALL=y and CONFIGRCULAZY=y, the following scenarios will trigger WARNONONCE in the rcunocbbypasslock and rcunocbwaitcontended...
CVE-2024-35929 rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()
In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARNONONCE in the rcunocbbypasslock For the kernels built with CONFIGRCUNOCBCPUDEFAULTALL=y and CONFIGRCULAZY=y, the following scenarios will trigger WARNONONCE in the rcunocbbypasslock and rcunocbwaitcontended...
CVE-2024-35853
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in the region and in each...