DEBIAN-CVE-2024-36977

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...

DEBIAN-CVE-2024-36933

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

Medium: kernel

Issue Overview: A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible...

SUSE CVE-2021-47515

In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the iprcvcore... sets the receiving interface index into the IPv4 socket control block v5.16-rc4, net/ipv4/ipinput.c line 510: IPCBskb-iif =...

kernel: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL

In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQLEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code...

SUSE CVE-2021-47429

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machinecheckexception handler to run...

DEBIAN-CVE-2023-52769

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12kmacgetarbypdevid was not marked as a read-side critical section. Mark the code i...

UBUNTU-CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfsmarkrequestcommit when doing ODIRECT Fix an Oopsable condition in pnfsmarkrequestcommit when we're putting a set of writes on the commit list to reschedule them after a failed pNFS attempt...

SUSE CVE-2023-52683

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpitupdateresidency there is a possibility of overflow in multiplication, if tsckhz is large enough UINTMAX/1000. Change multiplication to mulu32u32. Found by Linux Verification...

SUSE CVE-2024-35927

In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drmkmshelperpolldisable check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in drmmodeconfighelpersuspend...

UBUNTU-CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in t...

DEBIAN-CVE-2024-35932

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane-state-fb == state-fb Currently, when using non-blocking commits, we can see the following kernel warning: 110.908514 ------------ cut here ------------ 110.908529 refcountt: underflow; use-after-free...

UBUNTU-CVE-2024-26971

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid...

CVE-2024-26961 mac802154: fix llsec key resources release in mac802154_llsec_key_del

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...

kernel: scsi: qla2xxx: Pointer may be dereferenced

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fcbsgtorport may be NULL and will be dereferenced. Add a fix to validate rport before dereferencing...

DEBIAN-CVE-2022-48658

In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...

SUSE CVE-2024-26862

In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignoreoutgoing ignoreoutgoing is read locklessly from devqueuexmitnit and packetgetsockopt Add appropriate READONCE/WRITEONCE annotations. syzbot reported: BUG: KCSAN: data-race in devqueuexmitn...

AZL-40162 CVE-2024-26900 affecting package kernel for versions less than 5.15.159.1-1

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

DEBIAN-CVE-2024-26761

In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address HPA the HDM decoder registers are programmed wi...

DEBIAN-CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...