CVE-2024-56693

In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during fault injection: BUG: unable to handle page fault for address: fffffbfff809d073 PGD 6e648067 P4D...

CVE-2024-56693 brd: defer automatic disk creation until module initialization succeeds

In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during fault injection: BUG: unable to handle page fault for address: fffffbfff809d073 PGD 6e648067 P4D...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50002)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50002 advisory. - In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure...

SUSE CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

DEBIAN-CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: staticcall: Handle module init failure correctly in staticcalldelmodule Module insertion invokes staticcalladdmodule to initialize the static calls in a module. staticcalladdmodule invokes staticcallinit, which allocates a struct...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a generalized pointer misreference that may result from the mishandling of staticcall in the event of a module...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper destruction of a work queue by the ixgbevf driver when initializing a module, resulting in a resour...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a potential overflow in the tls module tlsinit...

DEBIAN-CVE-2021-47093

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intelpmccore: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platformdeviceput to properly free all resource...

CVE-2021-47093

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intelpmccore: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platformdeviceput to properly free all resource...

kernel: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()

A resource leak flaw was found in the ARM DMC-620 PMU driver. If platformdriverregister fails during module initialization, the CPU hotplug callback registered earlier is not removed, leaving a dangling callback...

Race condition

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...

CVE-2011-2503

CVE-2011-2503 affects SystemTap's runtime staprun on Linux, where the insert_module path allows a local user to escalate privileges due to a race between signature validation and module initialization in versions before 1.6. The vulnerability arises from improper module validation during loading,...

CVE-2011-2503

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...

NULL dereference in iwl driver

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

CVE-2007-5938

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

Code injection

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

CVE-2007-5938

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

Debian DSA-580-1 : iptables - missing initialisation

Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on its own as it was supposed to. This could lead to firewall rules not being loaded on system startup. This caused a failure in connection with rules...