1588 matches found
CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
DEBIAN-CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46770
In the Linux kernel, the following vulnerability has been resolved: ice: Add netifdeviceattach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to access deleted resources, e.g. getting coalesce settings can result in a NULL pointer dereference seen...
UBUNTU-CVE-2024-46788
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
AZL-55228 CVE-2024-46715 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
UBUNTU-CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
CVE-2024-46788 tracing/osnoise: Use a cpumask to know what threads are kthreads
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
CVE-2024-46788 tracing/osnoise: Use a cpumask to know what threads are kthreads
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
CVE-2024-46788 tracing/osnoise: Use a cpumask to know what threads are kthreads
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The startkthread and stopthread code was not always called with the interfacelock held. This means that the kthread variable could be unexpectedly changed causing t...
CVE-2024-46785 eventfs: Use list_del_rcu() for SRCU protected list variable
In the Linux kernel, the following vulnerability has been resolved: eventfs: Use listdelrcu for SRCU protected list variable Chi Zhiling reported: We found a null pointer accessing in tracefs1, the reason is that the variable 'eichild' is set to LISTPOISON1, that means the list was removed in...
CVE-2024-46762 xen: privcmd: Fix possible access to a freed kirqfd instance
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmdirqfdassign and privcmdirqfddeassign. If that happens, it is possible that a kirqfd created and added to the...
CVE-2024-46755 wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid mwifiexgetprivbyid returns the priv pointer corresponding to the bssnum and bsstype, but without checking if the priv is actually currently in use. Unused priv pointe...
CVE-2024-46715 driver: iio: add missing checks on iio_info's callback access
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iioinfo's callback access Some callbacks from iioinfo structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a...
UBUNTU-CVE-2024-46682
In the Linux kernel, the following vulnerability has been resolved: nfsd: prevent panic for nfsv4.0 closed files in nfs4showopen Prior to commit 3f29cc82a84c "nfsd: split scstatus out of sctype" statesshow relied on sctype field to be of valid type before calling into a subfunction to show conten...
SUSE CVE-2024-45021
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
DEBIAN-CVE-2024-45021
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
AZL-49170 CVE-2024-45021 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...
CVE-2024-45021 memcg_write_event_control(): fix a user-triggerable oops
In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...