CVE-2024-27031 NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

CVE-2024-27031

CVE-2024-27031 (Linux kernel) : The NFS read path (nfs_netfs_issue_read) locked with xa_lock while submitting pages for writeback, but did not disable interrupts during iteration, creating a deadlock risk if an interrupt runs and touches the xa_lock. The fix replaces manual iteration with xa_for_...

CVE-2024-27031

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix nfsnetfsissueread xarray locking for writeback interrupt The loop inside nfsnetfsissueread currently does not disable interrupts while iterating through pages in the xarray to submit for NFS read. This is not safe though...

CVE-2024-27014

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

DEBIAN-CVE-2024-27010

In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. ..... other info removed f...

CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

AZL-59644 CVE-2024-27005 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

DEBIAN-CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

CVE-2024-26987

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix deadlock when hugetlboptimizevmemmap is enabled When I did hard offline test with hugetlb pages, below deadlock occurs: ====================================================== WARNING: possible circular...

CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

UBUNTU-CVE-2024-27010

In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. ..... other info removed f...

UBUNTU-CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

CVE-2024-27014 net/mlx5e: Prevent deadlock while disabling aRFS

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

CVE-2024-27014

CVE-2024-27014 affects the Linux kernel component net/mlx5e, where a deadlock could occur when disabling accelerated Receive Flow Steering (aRFS). The issue arises because a scheduled aRFS work item cancels under priv->state_lock, but the work handler later tries to reacquire that same lock, c...

CVE-2024-27014

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

CVE-2024-27005 interconnect: Don't access req_list while it's being manipulated

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

CVE-2024-27005

In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access reqlist while it's being manipulated The icclock mutex was split into separate icclock and iccbwlock mutexes in 1 to avoid lockdep splats. However, this didn't adequately protect access to...

CVE-2024-26987 mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix deadlock when hugetlboptimizevmemmap is enabled When I did hard offline test with hugetlb pages, below deadlock occurs: ====================================================== WARNING: possible circular...

CVE-2024-26939 drm/i915/vma: Fix UAF on destroy against retire race

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

CVE-2024-26934

CVE-2024-26934: Linux kernel USB core deadlock in usb_deauthorize_interface() when sysfs attribute callbacks hold a parent device lock. Affected: drivers/usb/core/sysfs.c (interface_authorized_store) acquiring parent device lock; fix uses sysfs_break_active_protection() to avoid waiting for the c...