CVE-2022-49049 mm/secretmem: fix panic when growing a memfd_secret

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

CVE-2022-49049

CVE-2022-49049 concerns the Linux kernel mm/secretmem path (memfd_secret) where growing a secret memfd via ftruncate could trigger a kernel panic when zeroing pages during truncation. The issue arises because memfd_secret pages are not mapped via the direct map, so page_address() results could be...

CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

CVE-2024-57913

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This commit addresses an issue related to below kernel panic where paniconwarn is enabled. It is caused by the unnecessary use of WARNON in functionsfsbind, which easily leads to...

CVE-2024-57916

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling Resolve kernel panic caused by improper handling of IRQs while accessing GPIO values. This is done by replacing generichandleirq with handlenestedirq...

openSUSE: Security Advisory for redis7 (SUSE-SU-2025:0160-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-39282

CVE-2024-39282 : Linux kernel vulnerability in net: wwan: t7xx where the FSM command timeout handling can lead to a fault when an asynchronous worker finishes after the main thread releases its completion object. The issue manifests as a page fault (CR2 fffffffffffffff8) in complete_all during FS...

DEBIAN-CVE-2024-56599

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10ksdioremove will free sdio workqueue by destroyworkqueue. But if CONFIGINITONFREEDEFAULTON is set to yes, kernel panic will happen: Call...

CVE-2024-53180 ALSA: pcm: Add sanity NULL check for the default mmap fault handler

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its runtime-dmaarea properly. Add a proper NULL check before passing to virttopage for avoiding a panic...

OESA-2024-2506 golang security update

. Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.CVE-2024-34156...

CVE-2024-50045

...

SUSE CVE-2024-49872

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfdpinfolios alloc race panic If memfdpinfolios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfdallocfoliomemfd, startidx; if ISERRfolio ret =...

SUSE CVE-2024-49887

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs loop0: inject no free segment in getnewsegment of...

UBUNTU-CVE-2024-49872

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfdpinfolios alloc race panic If memfdpinfolios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfdallocfoliomemfd, startidx; if ISERRfolio ret =...

CVE-2024-49887

CVE-2024-49887 targets the f2fs file system in the Linux kernel. Root cause: when injecting a fault for “no free segment,” the kernel could panic in __allocate_new_segment / get_new_segment, triggering a serious system halt. The description notes the issue was resolved by a fix that prevents pani...

CVE-2024-49873

CVE-2024-49873 : In the Linux kernel, memfd_pin_folios with THP-backed memory may panic or cause a NULL-pointer dereference when the requested start offset is not aligned to a huge page boundary. The issue arises because filemap_get_folios_contig could load a folio that is a sibling and then fail...

Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...

CVE-2024-46864

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b "x86/hyperv: Fix hypervpcpuinputarg handling when CPUs go online/offline" introduces a new cpuhp state for hyperv initialization. cpuhpsetupstate...

SUSE CVE-2024-43864

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the max number firmware c...

DEBIAN-CVE-2024-43864

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix CT entry update leaks of modify header context The cited commit allocates a new modify header to replace the old one when updating CT entry. But if failed to allocate a new one, eg. exceed the max number firmware c...