ROS-20241129-02

A vulnerability in the openvswitch component of the Linux operating system kernel is related to incorrect input validation in the parseicmpv6 function in net/openvswitch/flow.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the cppccpufr...

Vulnerability of components such as locking/ww_mutex/test in the Linux operating system’s kernel, allowing a hacker to trigger a service failure

The vulnerability of the locking/wwmutex/test components in the Linux operating system is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-53100 nvme: tcp: avoid race between queue_lock lock and destroy

In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don't access released socket during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the mutexlo...

The vulnerability of the ext4_dio_write_iter() function in the ext4 component of Linux operating system kernels allows a hacker to cause a service failure.

The vulnerability of the ext4diowriteiter function in the ext4 component of Linux operating systems is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the ufshcd_mcq_abort() function in the ufs component of Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ufshcdmcqabort function in the ufs component of Linux operating systems is related to a pointer dereferencing error due to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerability of components of the Linux operating system’s kernel, net/mlx5e, which allows a hacker to cause a service failure

The vulnerability of the accel/ivpu components in Linux operating systems is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-53080

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 "drm/panthor: Fix race when converting group handle to group object" we need to use the XArray's internal locking when retrieving a vm pointe...

CVE-2024-50294

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...

CVE-2024-50210

In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...

The vulnerability of the zoned kernel component in the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the zoned kernel component in the Linux operating system is related to improper locking of resources in the btrfszoneactivate function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Linux operating system’s kernel bridge component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel bridge component is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of DRM/AST components in Linux operating systems allows a perpetrator to trigger a service failure.

The vulnerability of DRM/ast components in Linux operating systems is related to improper locking of resources in the astdpsetonoff function. Exploiting this vulnerability can allow a perpetrator to cause service failures...

The vulnerability of the io_uring/kbuf components in Linux kernel allows a hacker to cause a service failure.

The vulnerability of the iouring/kbuf components in Linux operating systems is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerability of components of Linux operating system’s kernel’s net/sched module, allowing a hacker to cause a service failure

The vulnerability of the net/sched component of the Linux operating system’s kernel is related to improper locking of resources in the qdisctreereducebacklog function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the qbman component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the qbman component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the accel/ivpu components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the accel/ivpu components in the Linux operating system’s kernel is related to improper locking of resources in the ivpudevinit function. Exploiting this vulnerability can allow an attacker to cause a service failure...

Unspecified vulnerability in Linux kernel (CNVD-2024-46417)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not locking XArray when fetching VM entries.No details of the vulnerability are available at this time...

SUSE CVE-2024-53080

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 "drm/panthor: Fix race when converting group handle to group object" we need to use the XArray's internal locking when retrieving a vm pointe...

SUSE CVE-2024-53085

In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpmpmsuspend first Setting TPMCHIPFLAGSUSPENDED in the end of tpmpmsuspend can be racy according, as this leaves window for tpmhwrngread to be called while the operation is in progress. The recent bug report...