CVE-2024-50265

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2xaremove Syzkaller is able to provoke null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...

CVE-2024-50265 ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2xaremove Syzkaller is able to provoke null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...

CVE-2024-50109

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10size In raid10run if raid10setqueuelimits succeed, the return value is set to zero, and if following procedures failed raid10run will return zero while mddev-private is still NULL,...

CVE-2024-50109 md/raid10: fix null ptr dereference in raid10_size()

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10size In raid10run if raid10setqueuelimits succeed, the return value is set to zero, and if following procedures failed raid10run will return zero while mddev-private is still NULL,...

CVE-2024-50109 md/raid10: fix null ptr dereference in raid10_size()

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10size In raid10run if raid10setqueuelimits succeed, the return value is set to zero, and if following procedures failed raid10run will return zero while mddev-private is still NULL,...

CVE-2024-50109

In the Linux kernel, the md/raid10 subsystem is affected by a null pointer dereference in raid10_size(). The root cause is that in raid10_run(), when raid10_set_queue_limits() succeeds, the function’s return value is overwritten to zero; if subsequent steps fail, raid10_run() may return zero whil...

CVE-2024-49863 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...

CVE-2024-49863 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...

CVE-2024-47684

A flaw was found in the TCP implementation in the Linux kernel. A NULL pointer dereference can be triggered from the Tail Loss Probe TLP path and from the Recent ACKnowledgment RACK case, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the current...

CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()

In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...

Unbreakable Enterprise kernel security update

5.15.0-300.163.18.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132350...

Important; Unbreakable Enterprise kernel security update

4.1.12-124.90.3.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132352...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.1.el7 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.1.el8 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

Unbreakable Enterprise kernel bug fix update

5.4.17-2136.335.4.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

CVE-2023-52744

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix potential NULL-ptr-dereference indevget can return NULL which will cause a failure once idev is dereferenced in indevforeachifartnl. This patch adds a check for NULL value in idev beforehand. Found by Linux...

CVE-2023-52744

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix potential NULL-ptr-dereference indevget can return NULL which will cause a failure once idev is dereferenced in indevforeachifartnl. This patch adds a check for NULL value in idev beforehand. Found by Linux...

CVE-2023-52744

CVE-2023-52744 concerns the Linux kernel RDMA/irdma path. The in_dev_get() function can return NULL, and the code may dereference idev in in_dev_for_each_ifa_rtnl(), causing a crash. A patch was added to check for NULL before dereferencing idev, mitigating the NULL pointer dereference. The issue ...