7471 matches found
CVE-2023-54316
In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...
CVE-2023-54261
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...
UBUNTU-CVE-2023-54236
In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...
CVE-2022-50838
In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...
CVE-2022-50838
In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...
UBUNTU-CVE-2022-50838
In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...
CVE-2023-54316
CVE-2023-54316 affects the Linux kernel refscale subsystem. The issue is a race where init_waitqueue_head() may be called after torture_create_kthread(), allowing a kthread to use an uninitialized waitqueue head and crash with a kernel PAGE_FAULT [not-present page] during ref_scale_reader executi...
CVE-2023-54316 refscale: Fix uninitalized use of wait_queue_head_t
In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...
CVE-2023-54316 refscale: Fix uninitalized use of wait_queue_head_t
In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...
CVE-2023-54310
The CVE-2023-54310 issue (Linux kernel, scsi: mptlan) is a use-after-free in mptlan_remove() caused by a race with the post_buckets workqueue started by mptlan_probe(). The probe path initializes priv->post_buckets_task; a wake starts the work. During driver unload, free_netdev()/kfree(dev) ca...
CVE-2023-54302
CVE-2023-54302 pertains to the Linux kernel RDMA/irdma: a data race on CQP completion statistics occurred because the completion counter was read without proper synchronization while updated by a completion thread on another CPU. The fix converts the completion statistics to an atomic variable to...
CVE-2023-54292
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...
CVE-2023-54292 RDMA/irdma: Fix data race on CQP request done
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...
CVE-2023-54292
CVE-2023-54292: In the Linux kernel, a data race was fixed in RDMA/irdma handling of CQP requests. KCSAN showed a race on cqp_request->request_done; the fix annotates lockless access with READ_ONCE/WRITE_ONCE to avoid compiler optimizations and warnings. Public details in the initial descripti...
CVE-2023-54242
CVE-2023-54242 affects the Linux kernel in the block bfq I/O elevator. The issue is a division by zero when the weighted sum (wsum) equals zero, causing an invalid calculation of the limit during bfq_limit_depth. The vulnerability could trigger a divide error as observed in a stress-ng stress tes...
CVE-2023-54236
CVE-2023-54236 is a Linux kernel vulnerability related to the net_failover path, where the transmit queue (txq) count could exceed the number of available TX queues, leading to a warning such as “eth0 selects TX queue 18, but real number of TX queues is 16.” The provided documents confirm that th...
CVE-2023-54236 net/net_failover: fix txq exceeding warning
In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...
CVE-2023-54236
In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...
CVE-2023-54236 net/net_failover: fix txq exceeding warning
In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...
CVE-2023-54227 blk-mq: fix tags leak when shrink nr_hw_queues
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...