CVE-2024-47716

CVE-2024-47716 affects the Linux kernel on ARM where vfp: Use asm volatile in fmrx/fmxr macros fixes floating-point instructions from userspace that could crash arm kernels. The issue is demonstrated by a minimal userspace reproducer on a Raspberry Pi Zero W and is triggered when the kernel is bu...

CVE-2024-47715

Summary: CVE-2024-47715 affects the Linux kernel’s wifi mt76 driver for MT7915 on MT7986. The issue stemmed from mt7915_band_config() setting band_idx to 1 on the main phy for MT7986 with MT7975_ONE_ADIE or MT7976_ONE_ADIE, which caused a dereference of the phys array via wcid->phy_idx in mt76...

CVE-2024-47715 wifi: mt76: mt7915: fix oops on non-dbdc mt7986

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...

CVE-2024-47715 wifi: mt76: mt7915: fix oops on non-dbdc mt7986

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...

CVE-2024-47688 driver core: Fix a potential null-ptr-deref in module_add_driver()

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

CVE-2024-47687

The CVE-2024-47687 issue affects the Linux kernel mlx5/vdpa path. It fixes an invalid MR resource destroy where error paths could release uninitialized MR resources. The patch adds a missing check in mlx5_vdpa_destroy_mr_resources() to block destroying non-initialized MR resources, addressing a N...

CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()

In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...

CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()

In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...

kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms

This is a vulnerability in the Linux kernel's Data Movement Accelerator DMA engine, specifically affecting the Intel Data Streaming Accelerator IDXD driver. The issue arises during the removal rmmod of the idxd driver on systems with only one active CPU. In such scenarios, the driver's cleanup...

SUSE-SU-2024:3617-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes bsc1226606. - CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr...

OESA-2024-2217 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This...

SUSE CVE-2024-46824

In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...

CVE-2024-46824

In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...

UBUNTU-CVE-2024-46824

In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...

CVE-2024-46824 iommufd: Require drivers to supply the cache_invalidate_user ops

In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cacheinvalidateuser ops If drivers don't do this then iommufd will oops invalidation ioctls with something like: Unable to handle kernel NULL pointer dereference at virtual address...

kernel: SUNRPC: lock against ->sock changing during sysfs read

A vulnerability was found in the Linux kernel's SUNRPC component, where a race condition exists during sysfs read operations due to improper handling of the -sock pointer. If the mutex -recvmutex is not held, -sock may change asynchronously, leading to a potential kernel oops. This vulnerability...

CVE-2022-48945

CVE-2022-48945 is associated with a Linux kernel vulnerability in the media/vivid driver where the compose height adjustment could cause a boundary overrun in V4L2_SEL_TGT_CROP handling. The root cause is a missing boundary check after adjust compose->height, which could lead to memory access ...

SUSE CVE-2024-46788

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...

CVE-2024-46788

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...

CVE-2024-46787

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmdtranshuge check", v2. The pmdtranshuge code in mfillatomic is wrong in three different ways depending on kernel version: 1. The pmdtranshuge...