1588 matches found
CVE-2024-27047
CVE-2024-27047 affects the Linux kernel: net: phy: fix phy_get_internal_delay accessing an empty array. The issue occurs when a driver calls phy_get_internal_delay without defining delay_values and rx-/tx-internal-delay-ps is 0 in device-tree, risking a NULL pointer dereference and kernel oops. A...
CVE-2024-27047 net: phy: fix phy_get_internal_delay accessing an empty array
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27047
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27047 net: phy: fix phy_get_internal_delay accessing an empty array
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-27047 net: phy: fix phy_get_internal_delay accessing an empty array
In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function could try to access to an empty array in the case that the driver is calling phygetinternaldelay without defining delayvalues and...
CVE-2024-26989 arm64: hibernate: Fix level3 translation fault in swsusp_save()
In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsuspsave On arm64 machines, swsuspsave faults if it attempts to access MEMBLOCKNOMAP memory ranges. This can be reproduced in QEMU using UEFI when booting with rodata=off...
CVE-2022-48640
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...
UBUNTU-CVE-2022-48640
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...
CVE-2022-48640
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...
CVE-2022-48640 bonding: fix NULL deref in bond_rr_gen_slave_id
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...
CVE-2022-48640 bonding: fix NULL deref in bond_rr_gen_slave_id
In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...
CVE-2022-48636
CVE-2022-48636 (Linux kernel, s390/dasd) : A race condition in dasd_alias_get_start_dev can occur when pavgroup is NULL due to a window where lcu->lock is not held. The pavgroup pointer is checked on entry but the lock is not held, allowing _lcu_update() to NULL‑out pavgroup concurrently. The ...
UBUNTU-CVE-2024-26906
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...
CVE-2024-26906 x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6724-2)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6724-2 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leadi...
SUSE CVE-2024-26751
In the Linux kernel, the following vulnerability has been resolved: ARM: ep93xx: Add terminator to gpiodlookuptable Without the terminator, if a conid is passed to gpiofind that does not exist in the lookup table the function will not stop looping correctly, and eventually cause an oops...
DEBIAN-CVE-2021-47184
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...
CVE-2021-47184
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...
CVE-2021-47184 i40e: Fix NULL ptr dereference on VSI filter sync
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...
CVE-2021-47184
CVE-2021-47184 relates to the Linux kernel issue where a NULL pointer dereference could occur in the VSI filter synchronization (i40e driver). The patch adds an I40E_VSI_RELEASING flag to coordinate VSI resource deletion/release with the sync filters subtask and removes the cause of the dereferen...