UBUNTU-CVE-2021-47577

In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker taskwork We check IOWQBITEXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where...

UBUNTU-CVE-2021-47616

In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxequeuecleanup On error handling path in rxeqpfrominit qp-sq.queue is freed and then rxecreateqp will drop last reference to this object. qp clean up function will try to free this queue one time and ...

UBUNTU-CVE-2021-47603

In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditdthread could get blocked attempting to send audit records to the userspace audit daemon. With...

CVE-2021-47603

In CVE-2021-47603, the Linux kernel audit subsystem is affected: kauditd_thread() could block when sending audit records if the audit daemon is stopped, allowing the audit backlog to grow beyond limits and potentially cause a deadlock. The referenced patch lowers the kernel thread’s socket send t...

DEBIAN-CVE-2024-38591

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix deadlock on SRQ async events. xalock for SRQ table may be required in AEQ. Use xastoreirq/ xaeraseirq to avoid deadlock...

DEBIAN-CVE-2024-38556

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of waiting indefinitely...

AZL-57841 CVE-2024-38556 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of waiting indefinitely...

AZL-59408 CVE-2024-38540 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: bnxtre: avoid shift undefined behavior in bnxtqpliballocinithwq Undefined behavior is triggered when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case,...

DEBIAN-CVE-2024-38545

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xalock to protect the CQ...

UBUNTU-CVE-2024-38544

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

UBUNTU-CVE-2024-38540

In the Linux kernel, the following vulnerability has been resolved: bnxtre: avoid shift undefined behavior in bnxtqpliballocinithwq Undefined behavior is triggered when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case,...

UBUNTU-CVE-2024-38556

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of waiting indefinitely...

UBUNTU-CVE-2024-38591

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix deadlock on SRQ async events. xalock for SRQ table may be required in AEQ. Use xastoreirq/ xaeraseirq to avoid deadlock...

CVE-2024-38556

CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...

CVE-2024-38556

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of waiting indefinitely...

CVE-2024-38544 RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

CVE-2024-38544

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxecompqueuepkt In rxecompqueuepkt an incoming response packet skb is enqueued to the resppkts queue and then a decision is made whether to run the completer task inline or schedule it. Finally the skb ...

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Message Queuing MSMQ queue service on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrect use of the ptp work queue for the second part of the timestamp, which stops when the port is closed...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of a locking mechanism that only protects the concurrency of a given transfer queue between transfer...