CVE-2024-49943 drm/xe/guc_submit: add missing locking in wedged_fini

In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: add missing locking in wedgedfini Any non-wedged queue can have a zero refcount here and can be running concurrently with an async queue destroy, therefore dereferencing the queue ptr to check wedge status after...

CVE-2024-49943 drm/xe/guc_submit: add missing locking in wedged_fini

In the Linux kernel, the following vulnerability has been resolved: drm/xe/gucsubmit: add missing locking in wedgedfini Any non-wedged queue can have a zero refcount here and can be running concurrently with an async queue destroy, therefore dereferencing the queue ptr to check wedge status after...

SUSE CVE-2024-47746

In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSEICACHEIOMODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in fusefilecachedioopen may be forever...

CVE-2024-47744

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

DEBIAN-CVE-2024-49855

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

CVE-2024-47744

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

CVE-2024-47744 KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

CVE-2024-47744 KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex to guard kvmusagecount to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly protected devqueuexmitnit call in the vrf subsystem that violates the RCU's lock usage...

The vulnerability of the mcp251x component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mcp251x component in the Linux operating system’s kernel is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

F5 BIG-IP 访问控制错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. An access control error vulnerability exists in F5 BIG-IP that stems from a monitor feature that could allow an attacker to...

ROS-20241016-01

Vulnerability of nvmet-tcp component of Linux kernel is related to dereferencing of NULL pointer in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in iwldeallocucode function in...

The vulnerability of the BUG_ON() function of the userfaultfd component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the BUGON function of the userfaultfd component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the queued_spin_lock_slowpath() function in the qspinlock component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the queuedspinlockslowpath function in the qspinlock component of the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation of the in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in the decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

ROS-20241009-03

A vulnerability in the ksmbd component of the Linux kernel is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the vcap component of the Linux operating system kernel is related to memory usage after...

CentOS 7 : kernel-alt (RHSA-2021:0354)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0354 advisory. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by...

The vulnerability of the Linux operating system’s kernel component, which allows a hacker to cause a service failure

The vulnerability of the phy component in the Linux operating system’s kernel is related to improper resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the `__dma_entry_alloc_check_leak()` function in the dma-debug component of the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the dmaentryalloccheckleak function in the dma-debug component of the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the ceph kernel component in the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the ceph kernel component in the Linux operating system is related to incorrect resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...