9 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-380884)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-380884 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling...
kernel: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...
SUSE CVE-2024-49883
In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...
CVE-2024-49983
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...
DEBIAN-CVE-2024-49983
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...
AZL-51843 CVE-2024-49983 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...
AZL-51360 CVE-2024-49883 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...
DEBIAN-CVE-2024-49883
In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent As Ojaswin mentioned in Link, in ext4extinsertextent, if the path is reallocated in ext4extcreatenewleaf, we'll use the stale path and cause UAF. Below is a sample trace with dumm...
UBUNTU-CVE-2024-49983
In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4extreplayupdateex to avoid double-free When calling ext4forcesplitextentat in ext4extreplayupdateex, the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free i...