551 matches found
SUSE CVE-2024-26862
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignoreoutgoing ignoreoutgoing is read locklessly from devqueuexmitnit and packetgetsockopt Add appropriate READONCE/WRITEONCE annotations. syzbot reported: BUG: KCSAN: data-race in devqueuexmitn...
AZL-40162 CVE-2024-26900 affecting package kernel for versions less than 5.15.159.1-1
In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...
DEBIAN-CVE-2024-26761
In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...
DEBIAN-CVE-2024-26690
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...
DEBIAN-CVE-2024-26672
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mcafuncs' dereferenced before NULL check in 'amdgpumcasmugetmcaentry' Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpumca.c:377 amdgpumcasmugetmcaentry warn: variable dereferenced before check 'mcafunc...
UBUNTU-CVE-2023-52622
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbgsize, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARNO...
UBUNTU-CVE-2023-52613
In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2thermal: Fix incorrect PTRERR judgment PTRERR returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz-type is NULL when thermal-zones is...
DEBIAN-CVE-2021-47096
In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized userpversion The userpversion was uninitialized for the user space file structure in the open function, because the file private structure use kmalloc for the allocation. The kernel ALSA...
UBUNTU-CVE-2023-52577
In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in "struct dccphdr", not in the "byte 7" as Jann claimed. We need to make sure the ICMP messages are big enough, using more standard ways no more assumptions...
kernel: HID: betop: check shape of output reports
In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports betopffinit only checks the total sum of the report counts for each report field to be at least 4, but hidbetopffplay expects 4 report fields. A device advertising an output report with o...
kernel: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pcigetdevwrapper As the comment of pcigetdomainbusandslot says, it returns a PCI device with refcount incremented, so it doesn't need to call an extra pcidevget in pcigetdevwrapper, and the PCI...
kernel: wifi: ath9k: verify the expected usb_endpoints are present
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usbendpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. In this case there was an interrupt endpoint where the driver expected a bu...
kernel: wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double listadd at iwlmvmmacwaketxqueue After successfull station association, if station queues are disabled for some reason, the related lists are not emptied. So if some new element is added to the list ...
kernel: scsi: qla2xxx: Fix crash when I/O abort times out
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0 qla2xxx...
kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...
GSD-2022-1008212 kcm: avoid potential race in kcm_tx_work
kcm: avoid potential race in kcmtxwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
PT-2025-49468
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5-wt-ath-656295-gef907406320c-dirty 6 Description The Linux kernel contains a flaw within the ath11k module related to monitor mode bringup. When an interface is activated in monitor mode, a NULL pointer...
kernel: scsi: lpfc: Inhibit aborts if external loopback plug is inserted
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...
GSD-2022-1007511 drivers: serial: jsm: fix some leaks in probe
drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
kernel: KVM: Unconditionally get a ref to /dev/kvm module when creating a VM
REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: KVM: Unconditionally get a ref to /dev/kvm module when creating a VM...