CVE-2024-57994

In the Linux kernel, the following vulnerability has been resolved: ptrring: do not block hard interrupts in ptrringresizemultiple Jakub added a lockdepassertnohardirq check in pagepoolputpage to increase test coverage. syzbot found a splat caused by hard irq blocking in ptrringresizemultiple 1 A...

DEBIAN-CVE-2022-49537

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix call trace observed during I/O with CMF enabled The following was seen with CMF enabled: BUG: using smpprocessorid in preemptible code: systemd-udevd/31711 kernel: caller is lpfcupdatecmfcmd+0x214/0x420 lpfc kerne...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing bsc1224857. CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference bsc1224856...

DEBIAN-CVE-2024-57890

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqesize cmd.wrcount", both variables are u32 values that come from the user so the multiplication can lead to integer wrapping. Then we pass the result to...

UBUNTU-CVE-2024-56702

In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...

CVE-2024-53130

CVE-2024-53130 affects the Linux kernel nilfs2 code. The issue is a NULL pointer dereference in the block_dirty_buffer tracepoint when using mark_buffer_dirty(), caused by bh->b_bdev->bd_dev being dereferenced even if the buffer head lacks a block_device pointer. The kernel fix makes nilfs_...

CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

CVE-2024-53064

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-50255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

CVE-2024-53064

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-53064 idpf: fix idpf_vc_core_init error path

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-53064 idpf: fix idpf_vc_core_init error path

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-53064

CVE-2024-53064 is a Linux kernel issue in the idpf/vc_core mailbox path. During a reboot-retry sequence, the mailbox workqueue may still run after resources are freed, leading to a NULL pointer dereference when the released control queue is accessed. The fix unrolls the workqueue cancellation and...

CVE-2024-50265

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2xaremove Syzkaller is able to provoke null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...

CVE-2024-50265 ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2xaremove Syzkaller is able to provoke null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. CVE-2024-46763 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

`simd-json-derive` vulnerable to `MaybeUninit` misuse

An invalid use of MaybeUninit::uninit.assumeinit in simd-json-derive's derive macro can cause undefined behavior. The original code used MaybeUninit to avoid initialisation of the struct and then set the fields using ptr::write. The undefined behavior triggered by this misuse of MaybeUninit can...

CVE-2024-50255 Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...

CVE-2024-50255

The CVE CVE-2024-50255 affects the Linux kernel Bluetooth stack. A null-ptr-deref in hci_read_supported_codecs can occur due to __hci_cmd_sync_sk() returning NULL for unknown opcodes and the hci_cmd_complete_evt() assuming status from skb->data[0] when an opcode is missing from hci_cc, trigger...

CVE-2024-50255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hcireadsupportedcodecs Fix hcicmdsyncsk to return not NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL where an opcode...