12 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-50426
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add mutex protection for workqueue The workqueue may execute late...
CVE-2024-49859 f2fs: fix to check atomic_file in f2fs ioctl interfaces
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check atomic_file in f2fs ioctl interfaces Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file, f2fs_move_file_range, and f2fs_defragment_range missed to check atomic_write status, which may cause potential race issue, fix it...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-2585)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set function. This can result in a bluetooth sniffing...
CVE-2022-48898
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller, HPDstatus, Controller state changes and Aux read/write transaction. At every irq, DP...
CVE-2022-48830
CVE-2022-48830 affects the Linux kernel CAN stack (isotp). The issue was a race during CAN frame reception where isotp_rcv_ff()/isotp_rcv_cf() could modify so->rx.len concurrently, causing skb_put to panic (skb_over_panic). The fix introduces a spin_lock around isotp_rcv to ensure state/data s...
RHEL 8 : firefox (RHSA-2023:4469)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4469 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
GSD-2022-1008279 kcm: avoid potential race in kcm_tx_work
kcm: avoid potential race in kcm_tx_work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008212 kcm: avoid potential race in kcm_tx_work
kcm: avoid potential race in kcm_tx_work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...
GSD-2022-1007693 kcm: avoid potential race in kcm_tx_work
kcm: avoid potential race in kcm_tx_work This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit 2526ac6b0f5a9b38e7e9073e37141cf78408078...
kernel security update
2.6.32-754.35.1.0.7.OL6 - bluetooth: eliminate the potential race condition when removing the HCI controller Lin Ma CVE-2021-32399 Orabug: 33763116 - RDMA/ucma: Put a lock around every call to the rdma_cm layer Jason Gunthorpe Orabug: 33763116 - RDMA/cma: Add missing locking to rdma_accept Leon...
GSD-2022-1001555 bpf: Fix UAF due to race between btf_try_get_module and load_module
bpf: Fix UAF due to race between btf_try_get_module and load_module This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
openSUSE Security Update : wget (openSUSE-2017-9)
This update for wget fixes the following issues : Security issues fixed : - CVE-2016-7098: Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only. (bsc#995964) Non security issues fixed : - bsc#1005091: Don't call xfree on string returned ...