kernel: dm stats: check for and propagate alloc_percpu failure

In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate allocpercpu failure Check allocprecpu's return value and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereference will occu...

CLSA-2023-1698306895 Fix of 7 CVEs

CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

kernel: xfrm: Update ipcomp_scratches with NULL when freed

In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently if ipcompallocscratches fails to allocate memory ipcompscratches holds obsolete address. So when we try to free the percpu scratches using ipcompfreescratches it tries t...

SUSE CVE-2016-4794

Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service BUG or possibly have unspecified other impact via crafted use of the mmap and bpf system calls...

PT-2025-37642

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where a percpu counter block can be leaked on an error path when creating a new network namespace. This leak occurs during the allocation of the...

[Important] [Security] Virtuozzo ReadyKernel patch 149.1 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: PSBM-142895 3.10.0-1160.21.1.vz7.174.13 to 3.10.0-1160.53.1.vz7.185.3 netfilter: core: Improper NAT hooks collision check...

GSD-2022-1006584 netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()

netfilter: nftables: fix percpu memory leak at nftablesaddchain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.146 by commit...

PT-2022-34773 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: A percpu memory leak was discovered in the nf tables module at the nf tables addchain function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core shared buffers aka SBDR CVE-2022-21123 Incomplete cleanup of microarchitectural fill buffers aka SBDS CVE-2022-21125 Incomplete cleanup in specific special regist...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0019)

The remote OracleVM system is missing necessary patches to address critical security updates : - KVM: x86: Remove spurious semicolon Joao Martins Orabug: 31413782 - genirq: Use rcu in kstatirqsusr Eric Dumazet - genirq: Make sparseirqlock protect what it should protect Thomas Gleixner Orabug:...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...

Unbreakable Enterprise kernel security update

4.1.12-124.39.1 - qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 Arun Easi Orabug: 30372266 - qla2xxx: Fix device discovery when FCP2 device is lost. Arun Easi Orabug: 30372266 - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 -...

DEBIAN-CVE-2019-19462

relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result...

Linux kernel information disclosure vulnerability (CNVD-2018-24478)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'pcpuembedfirstchunk' function in the mm/percpu.c file in Linux kernel versions 4.14.14 and earlier. A local attacker can exploi...