CVE-2024-47684 tcp: check skb is non-NULL in tcp_rto_delta_us()

In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcprtodeltaus We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcprearmrto. Initially hittin...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-44935)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44935 advisory. - In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42270)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42270 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr- deref...

Unbreakable Enterprise kernel security update

5.15.0-300.163.18.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132350...

Important; Unbreakable Enterprise kernel security update

4.1.12-124.90.3.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132352...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.1.el8 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.1.el7 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

Unbreakable Enterprise kernel bug fix update

5.4.17-2136.335.4.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37035558...

CVE-2024-46742

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of leasectxinfo in smb2open null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate return NULL. Fix this by check if 'leasectxinfo' is NULL. Additionally,...

CVE-2024-46763

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 is of protocol in struct fou. When fourelease is called due to netns...

CVE-2024-46742

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of leasectxinfo in smb2open null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate return NULL. Fix this by check if 'leasectxinfo' is NULL. Additionally,...

CVE-2024-46763 fou: Fix null-ptr-deref in GRO.

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 is of protocol in struct fou. When fourelease is called due to netns...

CVE-2024-46763 fou: Fix null-ptr-deref in GRO.

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 is of protocol in struct fou. When fourelease is called due to netns...

CVE-2024-46742

CVE-2024-46742 is a Linux kernel vulnerability affecting the SMB server path where a potential null pointer dereference in smb2_open() could occur when lease_ctx_info is NULL (SMB2_OPLOCK_LEVEL_LEASE). The fix adds a NULL check for lease_ctx_info and also removes redundant parentheses in parse_du...

CVE-2024-46742 smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of leasectxinfo in smb2open null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate return NULL. Fix this by check if 'leasectxinfo' is NULL. Additionally,...

CVE-2024-46742 smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of leasectxinfo in smb2open null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate return NULL. Fix this by check if 'leasectxinfo' is NULL. Additionally,...

CVE-2024-46688 erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails

In the Linux kernel, the following vulnerability has been resolved: erofs: fix out-of-bound access when zerofsgbufgrowsize partially fails If zerofsgbufgrowsize partially fails on a global buffer due to memory allocation failure or fault injection as reported by syzbot 1, new pages need to be fre...

CVE-2024-45015

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: move dpuencoder's connector assignment to atomicenable For cases where the crtc's connectorschanged was set without enable/active getting toggled , there is an atomicenable call followed by an atomicdisable but witho...

CVE-2024-45015

CVE-2024-45015 affects the Linux kernel component drm/msm/dpu. The vulnerability arises when crtc connectors_changed is set without a corresponding atomic_mode_set(), leading to an atomic_enable() followed by atomic_disable() without re-assigning the connector, causing NULL pointer dereference in...

CVE-2024-45015 drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: move dpuencoder's connector assignment to atomicenable For cases where the crtc's connectorschanged was set without enable/active getting toggled , there is an atomicenable call followed by an atomicdisable but witho...