88 matches found
SUSE CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
DEBIAN-CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
UBUNTU-CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
CVE-2023-52570
CVE-2023-52570 affects the Linux kernel vfio/mdev path. The vulnerability is a NULL pointer dereference that can occur in mdev_unregister_parent() during module removal of the mdpy.mdpy (mdpy.ko), traced to probing/initialization flow (kobject_add_internal/kobject_init_and_add) and mdev_type_add(...
CVE-2023-52570
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
CVE-2023-52570 vfio/mdev: Fix a null-ptr-deref bug for mdev_unregister_parent()
In the Linux kernel, the following vulnerability has been resolved: vfio/mdev: Fix a null-ptr-deref bug for mdevunregisterparent Inject fault while probing mdpy.ko, if kstrdup of createdir fails in kobjectaddinternal in kobjectinitandadd in mdevtypeadd in parentcreatesysfsfiles, it will return 0...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that mdevtyperemove may traverse uninitialized parent-typesi in parentremovesysfsfiles...
CVE-2024-26620 s390/vfio-ap: always filter entire AP matrix
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP configuration by filteri...
CVE-2024-26620
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP configuration by filteri...
CVE-2024-26620 s390/vfio-ap: always filter entire AP matrix
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called whenever a new adapter or domain is assigned to the mdev. The purpose of the function is to update the guest's AP configuration by filteri...
libvirt security, bug fix, and enhancement update
9.5.0-7.0.1 - The path to the guest agent socket file can become too long and cause problems.rhbz2233744 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 9.5.0-7 - util: use 'stubDriverType' instead of just 'stubDriver' rhbz2074209 - util: add stub driver name to virPCIDevice object...
PT-2023-8793 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc2+ Description: The issue is related to a null-ptr-deref bug in the mdev unregister parent function. When probing mdpy.ko, if kstrdup of create dir fails, it will return 0 and probe successfully. However...
AZL-27348 CVE-2023-3439 affecting package kernel for versions less than 5.15.126.1-1
A flaw was found in the MCTP protocol in the Linux kernel. The function mctpunregister reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev-addrs object, potentially leading to a denial of servi...
DEBIAN-CVE-2023-3439
A flaw was found in the MCTP protocol in the Linux kernel. The function mctpunregister reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev-addrs object, potentially leading to a denial of servi...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that can be exploited by an attacker to cause mdev-addrs object to be reused and denied service after release...
SUSE CVE-2013-1813
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...