25 matches found
ROS-20240823-01
Vulnerability of amdgpurasgetcontext function in drm/amdgpu component of Linux operating system kernel is related to null pointer dereferencing on drmcvtmode failure. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of brcmfnotifyescancomplete...
CVE-2024-43880
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...
CVE-2024-43880
CVE-2024-43880 affects the Linux kernel mlxsw Spectrum ACL TCAM handling. The issue arises in the TCAM masking logic where object aggregation hints could form nested objects (A-TCAM/C-TCAM) due to an aggregation‑helper in the objagg library and driver interaction. This could produce non‑optimal o...
CVE-2024-43880 mlxsw: spectrum_acl_erp: Fix object nesting warning
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...
CVE-2024-43846 lib: objagg: Fix general protection fault
In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault The library supports aggregation of objects into other objects only if the parent object does not have a parent itself. That is, nesting is not supported. Aggregation happens in two cases...
CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
CVE-2021-47441 mlxsw: thermal: Fix out-of-bounds memory accesses
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...
CVE-2021-47441
CVE-2021-47441 concerns the Linux kernel mlxsw thermal driver. The issue arises when cooling state is set above the driver’s maximum state (e.g., cur_state=18 while max_state=10), which triggers out-of-bounds memory accesses in thermal statistics code. The thermal maintainer indicates it is the d...
CVE-2024-36007
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in t...
CVE-2024-36006 mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call listfirstentry on the respective lists without...
CVE-2024-36007
CVE-2024-36007 involves a Linux kernel flaw in the Mellanox mlxsw spectrum ACL TCAM rehash machinery. The issue stemmed from markers (chunk/entry) used to resume a delayed rehash when credits run out. On error, only the chunk marker was reset, leaving entry markers relative to the chunk, which co...
CVE-2024-36006 mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call listfirstentry on the respective lists without...
CVE-2024-35853
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in the region and in each...
CVE-2024-35855
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically traverses the list of configured rules and queries their activity from the device. As part of this task...
CVE-2024-35855
CVE-2024-35855 : Linux kernel issue in mlxsw spectrum_acl_tcam caused a local use-after-free during activity update. The bug happens when the rule activity update traverses configured rules and reads ventry->entry, which can be concurrently changed by the rehash path. The fix closes the race b...
CVE-2024-35853
CVE-2024-35853 affects the Linux kernel mlxsw spectrum_acl_tcam rehash path. The vulnerability arises from memory leaks during the rehash operation when migrating filters between regions. The current migration logic uses two chunks (vchunk->chunk and vchunk->chunk2) and can incorrectly assu...
CVE-2024-35853 mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in the region and in each...
CVE-2024-35853 mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks all the filters with the same priority in the region and in each...
USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service system crash or...
Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4225-2)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4225-2 advisory. USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement H...