4324 matches found
CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed
In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...
CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed
In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...
CVE-2024-38662 bpf: Allow delete from sockmap/sockhash only if update is allowed
In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a mapdelete on a...
DEBIAN-CVE-2024-38628
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uaudio: Fix race condition use of controls after free during gadget unbind. Hang on to the control IDs instead of pointers since those are correctly handled with locks...
CVE-2023-52884
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
UBUNTU-CVE-2023-52884
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
CVE-2024-38634 serial: max3100: Lock port->lock when calling uart_handle_cts_change()
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...
CVE-2023-52884 Input: cyapa - add missing input core locking to suspend/resume functions
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
CVE-2023-52884
CVE-2023-52884 is a Linux kernel issue where the input core locking for the cyapa driver’s suspend/resume paths was missing, allowing a warning to be emitted during suspend on Samsung Exynos5250 Snow Chromebook. The fix adds input->mutex locking in suspend/resume to prevent races with other in...
CVE-2023-52884 Input: cyapa - add missing input core locking to suspend/resume functions
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
CVE-2023-52884 Input: cyapa - add missing input core locking to suspend/resume functions
In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions Grab input-mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycl...
SUSE CVE-2021-47587
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the serial:max3100 module locking port-lock when calling uarthandlectschange...
Linux Kernel USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability
This vulnerability allows physically present attackers to escalate privileges on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the reset event. The issue results from the lack of proper locki...
Linux Kernel ICMPv6 Router Advertisement Race Condition Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Route Information options. The issue results from the lack of...
CVE-2024-38589
In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nrrtioctl syzbot loves netrom, and found a possible deadlock in nrrtioctl 1 Make sure we always acquire nrnodelistlock before nrnodelocknrnode 1 WARNING: possible circular locking dependency...
DEBIAN-CVE-2022-48726
In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-free in...
CVE-2021-47587
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue...
CVE-2021-47587
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue...
CVE-2021-47587
In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, and the locking mechanism used today only protects concurrency across a given transmit queue...