4329 matches found
The vulnerabilities of the functions mcp_pinconf_get() and mcp_pinconf_set() in the Linux kernel driver (drivers/pinctrl/pinctrl-mcp23s08.c), which allow a hacker to cause service failures.
The vulnerability of the mcppinconfget and mcppinconfset functions in the Linux kernel driver drivers/pinctrl/pinctrl-mcp23s08.c is related to insufficient resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
DEBIAN-CVE-2023-53020
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...
AZL-59411 CVE-2023-52935 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anonvma lock if the VMA is associated with a...
UBUNTU-CVE-2023-53022
In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetctxonesteptstamp This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty 967 Not tainted...
UBUNTU-CVE-2023-53020
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...
CVE-2023-53022 net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()
In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetctxonesteptstamp This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty 967 Not tainted...
CVE-2023-53020
CVE-2023-53020 affects the Linux kernel: l2tp_tunnel_register() contains race conditions that modify the tunnel socket after publishing, call setup_udp_tunnel_sock() on an existing socket without locking, and change sock lock class on the fly. A patch fixes these by initializing the socket before...
CVE-2023-53020
In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...
CVE-2022-49742 f2fs: initialize locks earlier in f2fs_fill_super()
In the Linux kernel, the following vulnerability has been resolved: f2fs: initialize locks earlier in f2fsfillsuper syzbot is reporting lockdep warning at f2fshandleerror 1, for spinlock&sbi-errorlock is called before spinlockinit is called. For safe locking in error handling, move initialization...
CVE-2023-52935
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd requires it to be locked. Page table traversal is allowed under any one of the mmap lock, the anonvma lock if the VMA is associated with a...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from the mm/khugepaged component not properly locking anonvma when releasing pmd, which could lead t...
The vulnerability of the arm64 component of the Linux operating system’s kernel, which allows a hacker to trigger a service failure
The vulnerability of the arm64 component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the Linux operating system’s kernel WiFi component, which allows a hacker to trigger a service failure
The vulnerability of the ieee80211dostop function in the Linux kernel’s Wi-Fi component is related to improper locking mechanisms. Exploiting this vulnerability could allow a attacker to trigger a service failure...
The vulnerability of the mm component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the mm component in the Linux operating system’s kernel is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the ocfs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ocfs2 component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerabilities of the functions io_write_prep() and io_write() in the kernel code of the Linux operating system’s io_uring/io_uring.c module, which allow a hacker to cause a service failure.
The vulnerabilities of the functions iowriteprep and iowrite in the Linux operating system’s iouring/iouring.c kernel are related to improper resource locking. Exploiting these vulnerabilities can allow an attacker to cause service failures...
The vulnerability of the KVM kernel component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the KVM kernel component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability of the sock_map component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the sockhashfree function in the sockmap component of the Linux kernel is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ip_tunnel_find() function in the net/ipv4/ip_tunnel.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the iptunnelfind function in the net/ipv4/iptunnel.c module of the Linux operating system is related to incorrect resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the __ocfs2_change_file_space() function in the ocfs2 component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ocfs2changefilespace function in the ocfs2 component of the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...