CVE-2024-50067 uprobe: avoid out-of-bounds memory access of fetching args

In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large,...

SUSE CVE-2024-49952

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prevent nfskbduplicated corruption syzbot found that nfdupipv4 or nfdupipv6 could write per-cpu variable nfskbduplicated in an unsafe way 1. Disabling preemption as hinted by the splat is not enough, we have ...

PT-2024-35621

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been resolved in the Linux kernel. The problem occurs when percpu memory allocation fails during the creation of a new IPC namespace, and the failure is not handl...

CVE-2024-49926

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...

UBUNTU-CVE-2022-48966

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvnetaconfigrss The pp-indir0 value comes from the user. It is passed to: if cpuonlinepp-rxqdef inside the mvnetapercpuelect function. It needs bounds checkeding to ensure that it is not...

AZL-52896 CVE-2024-49926 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...

UBUNTU-CVE-2024-49926

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...

CVE-2024-49926 rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcutasksneedgpcb For kernels built with CONFIGFORCENRCPUS=y, the nrcpuids is defined as NRCPUS instead of the number of possible cpus, this will cause the following syst...

PT-2024-33901

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc3+ Description: The issue is related to the uprobe functionality in the Linux kernel, which can lead to out-of-bounds memory access when fetching arguments. This occurs because the percpu buffer used by...

CVE-2024-43871

...

kernel: devres: Fix memory leakage caused by driver API devm_free_percpu()

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

kernel: devres: Fix memory leakage caused by driver API devm_free_percpu()

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

SUSE CVE-2022-48868

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded and disabled when the driver is removed. When the driver is removed it assumes that the workqueue was...

SUSE CVE-2024-43871

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

AZL-48471 CVE-2024-43871 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

DEBIAN-CVE-2024-43871

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

UBUNTU-CVE-2024-43871

In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devmfreepercpu It will cause memory leakage when use driver API devmfreepercpu to free memory allocated by devmallocpercpu, fixed by using devresrelease instead of devresdestroy...

SUSE CVE-2024-42126

In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmienter/nmiexit in real mode interrupt. nmienter/nmiexit touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling e.g. early HMI/MCE interrupt handler if percpu...

CVE-2024-42126

In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmienter/nmiexit in real mode interrupt. nmienter/nmiexit touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling e.g. early HMI/MCE interrupt handler if percpu...

CVE-2024-42126 powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.

In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmienter/nmiexit in real mode interrupt. nmienter/nmiexit touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling e.g. early HMI/MCE interrupt handler if percpu...