37 matches found
CVE-2025-21761
CVE-2025-21761 affects the Linux kernel/Open vSwitch area. The root cause is that ovs_vport_cmd_fill_info() could be invoked without RTNL or RCU, risking a use-after-free. The fix adds RCU protection and uses dev_net_rcu() to prevent UAF. This is a kernel-level issue with potential impact describ...
SUSE-SU-2024:4122-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool bsc1225429. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. - CVE-2024-43861: Fix...
CVE-2022-48960
In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2rx The skb is delivered to napigroreceive which may free it, after calling this, dereferencing skb may trigger use-after-free...
CVE-2022-49015
The CVE-2022-49015 entry concerns a Linux kernel use-after-free in the net: hsr path. The issue arises when a socket buffer (skb) delivered to netif_rx() may be freed, and subsequent dereferencing of skb could trigger a UAF. Affects the Linux kernel’s hsr subsystem (net: hsr) and is tied to skb l...
CVE-2024-47732
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The freedevicecompressionmodeiaadevice, devicemode function frees "devicemode" but it iss passed to iaacompressionmodesi-free a few lines later resulting in a use after free. The goo...
CVE-2022-48754
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 "phylib: Add device reset GPIO support" added call to phydeviceresetphydev after the putdevice call in phydetach. The comment before the putdevice call says that the phydev...
CVE-2023-52800 wifi: ath11k: fix htt pktlog locking
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11kmacgetarbypdevid was not marked as a read-side critical section. Mark the code in question as an RCU...
CVE-2023-52769
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12kmacgetarbypdevid was not marked as a read-side critical section. Mark the code i...
CVE-2024-3857
The Mozilla Foundation Security Advisory describes this flaw as: The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection...
RHEL 7 : firefox (RHSA-2024:1910)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1910 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2024-26866
In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...
CVE-2021-47081
A use-after-free vulnerability was found in the Linux kernel, which affects the gaudi component and is caused by a reference attempt cb-id, which may have been previously freed during a call to the hlcbput function...
CVE-2021-47081 habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...
CVE-2021-47081
In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudimemsetdevicememory Our code analyzer reported a uaf. In gaudimemsetdevicememory, cb is get via hlcbkernelcreate with 2 refcount. If hlcsallocatejob failed, the execution ru...
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...
CVE-2021-46973
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Avoid potential use after free in MHI send It is possible that the MHI ulcallback will be invoked immediately following the queueing of the skb for transmission, leading to the callback decrementing the refcount of the...
CVE-2019-25162 i2c: Fix a potential use after free
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the putdevice down a bit to avoid the use after free. wsa: added comment to the code, added Fixes tag...
RHEL 8 : firefox (RHSA-2023:4075)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4075 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
GSD-2023-1000350 net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
net: hisilicon: Fix potential use-after-free in hix5hd2rx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.302 by commit...
GSD-2023-1000317 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...