137 matches found
CVE-2024-41098 ata: libata-core: Fix null pointer dereference on error
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...
CVE-2024-41087 ata: libata-core: Fix double free on error
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ataportalloc call in atahostalloc fails, we will jump to the errout label, which will call devresreleasegroup. devresreleasegroup will trigger a call to atahostrelease...
CVE-2024-41087
CVE-2024-41087 (Linux kernel) : The issue stems from the libata-core path “ata_host_alloc” where, on error, control may jump to err_out and call devres_release_group(), which triggers ata_host_release() and a subsequent kfree(host). If kfree(host) runs again in the normal path, a double free occu...
CVE-2024-41087 ata: libata-core: Fix double free on error
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ataportalloc call in atahostalloc fails, we will jump to the errout label, which will call devresreleasegroup. devresreleasegroup will trigger a call to atahostrelease...
kernel: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
A flaw was found in the libata module in the Linux kernel. A NULL pointer dereference can be triggered in the unlikely case that the PPI, an array of ATA portinfo, argument of the atahostallocpinfo function is NULL. This issue causes a crash and results in a denial of service...
SUSE CVE-2008-5700
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SGIO requests, which allows local users to cause a denial of service Programmed I/O mode on drives via multiple simultaneous invocations of an unspecified test program...
GSD-2022-1008230 ata: libata-transport: fix double ata_host_put() in ata_tport_add()
ata: libata-transport: fix double atahostput in atatportadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1008151 ata: libata-transport: fix double ata_host_put() in ata_tport_add()
ata: libata-transport: fix double atahostput in atatportadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...
GSD-2022-1008049 ata: libata-transport: fix error handling in ata_tlink_add()
ata: libata-transport: fix error handling in atatlinkadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...
GSD-2022-1007913 ata: libata-transport: fix error handling in ata_tlink_add()
ata: libata-transport: fix error handling in atatlinkadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...
GSD-2022-1007748 ata: libata-transport: fix double ata_host_put() in ata_tport_add()
ata: libata-transport: fix double atahostput in atatportadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...
GSD-2022-1007746 ata: libata-transport: fix error handling in ata_tlink_add()
ata: libata-transport: fix error handling in atatlinkadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...
GSD-2022-1004949 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
ata: libata-core: fix NULL pointer deref in atahostallocpinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.320 by commit...
GSD-2022-1004766 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
ata: libata-core: fix NULL pointer deref in atahostallocpinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.200 by commit...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:0760-1 Rating: important References: 1089644 1154353 1157038 1157923 1176447 1176940 1178134 1181147 1181588 1183872 1187716 1188404 1189126 1190812 1190972 1191580 1191655 1191741 1192210 1192483...
kernel security and bug fix update
2.6.32-754.35.1.OL6 - Update genkey bug 25599697 2.6.32-754.35.1 - ata libata: fix NULL sdev dereference race in atapiqccomplete Kenneth Yin 1876296 2.6.32-754.34.1 - mm mm: prevent getuserpages from overflowing page refcount Aristeu Rozanski 1705003 - mm mm/hugetlb.c: getuserpages ignores certai...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. By default, the /dev/sg devices are accessible only to the root user...
kernel security, bug fix, and enhancement update
2.6.32-431.23.3 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.23.2 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699 2.6.32-431.23.1 - net iptunnel: fix iptunnelfind to return NULL in...
openSUSE Security Update : Kernel (openSUSE-SU-2012:0812-1)
This kernel update of the openSUSE 12.1 kernel brings various bug and security fixes. Following issues were fixed : - tcp: drop SYN+FIN messages bnc765102, CVE-2012-2663. - net: sock: validate datalen before allocating skb in sockallocsendpskb bnc765320, CVE-2012-2136. - thp: avoid atomic64read i...
kernel security and bug fix update
2.6.32-279.9.1.el6 - md raid1, raid10: avoid deadlock during resync/recovery. Dave Wysochanski 845464 835613 - fs dlm: fix deadlock between dlmsend and dlmcontrold David Teigland 849051 824964 - ata libata: Add space to fix 2GB ATA Flash Disk/ADMA428M blacklist Prarit Bhargava 851445 843849 - fs...