
132 matches found

OSV
added 2024/10/21 7:15 p.m. | 4 views

AZL-52126 CVE-2024-50006 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates because the file descriptor is...

CVSS 4.7 | AI score 6.7 | EPSS 0.00184
Exploits: 0 | References: 1
OSV
added 2024/10/09 3:15 p.m. | 0 views

UBUNTU-CVE-2024-47670

In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_xattr_find_entry Add a paranoia check to make sure it doesn't stray beyond valid memory region containing ocfs2 xattr entries when scanning for a match. It will prevent out-of-bound access in case...

CVSS 7.8 | AI score 6.5 | EPSS 0.00239
Exploits: 0 | References: 36
OpenVAS
added 2024/09/21 12:0 a.m. | 2 views

openSUSE Security Advisory (SUSE-SU-2024:3338-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

AI score 7.5
Exploits: 0 | References: 5
OSV
added 2024/09/18 8:15 a.m. | 6 views

AZL-49557 CVE-2024-46760 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtw_rx_fill_rx_status on hw object and/or its fields because initialization routine can start getting USB replie...

CVSS 5.5 | AI score 6.6 | EPSS 0.00233
Exploits: 0 | References: 1
RedHat Linux
added 2024/08/28 12:34 p.m. | 1 views

kernel: mm/huge_memory: don't unpoison huge_zero_folio

A vulnerability was found in the Linux kernel's memory management component in the unpoison_memory function, where it involves improper handling of huge_zero_folio when memory failures occur, which can lead to a kernel panic due to an erroneous reference count...

CVSS 5.5 | AI score 7.2 | EPSS 0.0028
Exploits: 0 | References: 5
Tenable Nessus
added 2024/08/11 12:0 a.m. | 29 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42074)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42074 advisory. - In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for...

CVSS 5.5 | AI score 5.8 | EPSS 0.00224
Exploits: 0 | References: 2
OSV
added 2024/06/24 2:15 p.m. | 3 views

AZL-42946 CVE-2024-39291 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode and rlc_microcode The function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating about potential truncation of output when using the snprintf function. The issue was due...

CVSS 7.8 | AI score 7 | EPSS 0.00245
Exploits: 0 | References: 1
OSV
added 2024/06/19 2:15 p.m. | 4 views

AZL-48310 CVE-2024-38543 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure The kcalloc in dmirror_device_evict_chunk will return null if the physical memory has run out. As a result, if src_pfns or dst_pfns is dereferenced, the null pointer...

CVSS 5.5 | AI score 6.6 | EPSS 0.00241
Exploits: 0 | References: 1
OSV
added 2024/05/21 3:15 p.m. | 1 views

DEBIAN-CVE-2021-47343

In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw in dm_btree_remove may fail due to IO read error e.g. read the content of origin block fails during shadowing, and the value of shadow_spine::root is uninitialized...

CVSS 5.5 | AI score 5.1 | EPSS 0.00259
Exploits: 0 | References: 1
Cvelist
added 2024/05/21 2:35 p.m. | 21 views

CVE-2021-47300 bpf: Fix tail_call_reachable rejection for interpreter when jit failed

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tail_call_reachable rejection for interpreter when jit failed During testing of f263a81451c1 "bpf: Track subprog poke descriptors correctly and fix use-after-free" under various failure conditions, for example, when...

AI score 6.3 | EPSS 0.00226
Exploits: 0 | References: 3
Vulnrichment
added 2024/05/21 2:35 p.m. | 12 views

CVE-2021-47300 bpf: Fix tail_call_reachable rejection for interpreter when jit failed

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tail_call_reachable rejection for interpreter when jit failed During testing of f263a81451c1 "bpf: Track subprog poke descriptors correctly and fix use-after-free" under various failure conditions, for example, when...

AI score 6.3 | EPSS 0.00226
Exploits: 0 | References: 3
BDU FSTEC
added 2024/05/20 12:0 a.m. | 3 views

The vulnerability of the ovs_ct_limit_exit() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ovs_ct_limit_exit function in the net/openvswitch/conntrack.c module of the Linux kernel is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.5 | EPSS 0.00244
Exploits: 0 | References: 27 | Affected Software: 5
OSV
added 2024/04/17 11:15 a.m. | 1 views

AZL-40097 CVE-2024-26900 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add is fail in bind_rdev_to_array, 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

CVSS 5.5 | AI score 6.3 | EPSS 0.00287
Exploits: 0 | References: 1
OSV
added 2024/03/26 4:15 p.m. | 0 views

UBUNTU-CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

CVSS 5.5 | AI score 6.2 | EPSS 0.00242
Exploits: 0 | References: 26
RedHat Linux
added 2024/03/14 2:58 p.m. | 2 views

kernel: use-after-free in sch_qfq network scheduler

A use-after-free flaw was found in qfq_dequeue and agg_dequeue in net/sched/sch_qfq.c in the Traffic Control QoS subsystem in the Linux kernel. This issue may allow a local user to crash the system or escalate their privileges on the system...

CVSS 7.8 | AI score 7.2 | EPSS 0.00396
Exploits: 1 | References: 5
OSV
added 2024/03/11 6:15 p.m. | 0 views

UBUNTU-CVE-2024-26608

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbd_nl_policy Similar to a reported issue check the commit b33fb5b801c6 "net: qualcomm: rmnet: fix global oob in rmnet_policy", my local fuzzer finds another global out-of-bounds read for policy...

CVSS 7.8 | AI score 6.1 | EPSS 0.00234
Exploits: 0 | References: 21
BDU FSTEC
added 2023/11/22 12:0 a.m. | 3 views

The vulnerability of the macsec_add_dev() function in the drivers/net/macsec.c module of the Linux kernel allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the macsec_add_dev function in the drivers/net/macsec.c module of the Linux kernel is related to the repeated release of memory. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVSS 8 | AI score 5.6
Exploits: 0 | Affected Software: 2
BDU FSTEC
added 2023/08/14 12:0 a.m. | 2 views

The vulnerability of the io_commit_cring() function in the io_uring/io_uring.c module of the io_uring subsystem in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information, or to enhance their privileges.

The vulnerability of the io_commit_cring function in the io_uring/io_uring.c module of the io_uring subsystem of the Linux operating system is related to a violation of synchronization mechanisms. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and...

CVSS 6.7 | AI score 6.4 | EPSS 0.00258
Exploits: 1 | References: 20 | Affected Software: 2
Microsoft CVE
added 2023/08/01 7:0 a.m. | 2 views

Out-of-bounds write in Linux kernel's net/sched: sch_qfq component

...

CVSS 7.8 | AI score 6.9 | EPSS 0.00274
Exploits: 0
SUSE CVE
added 2023/02/15 6:15 a.m. | 2 views

SUSE CVE-2006-2444

The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory...

CVSS 7.8 | AI score 6.8 | EPSS 0.20561
Exploits: 5 | References: 6