CVE-2023-54261

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...

CVE-2023-54236

In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...

CVE-2023-54227

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...

CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54166

In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...

CVE-2023-54302

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP completion stats CQP completion statistics is read lockesly in irdmawaitevent and irdmacheckcqpprogress while it can be updated in the completion thread irdmascccqgetcqeinfo on another CPU as KCSA...

CVE-2023-54292

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...

CVE-2023-54236

In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...

UBUNTU-CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

UBUNTU-CVE-2023-54166

In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndotxtimeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...

CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54316

In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...

CVE-2023-54261

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...

UBUNTU-CVE-2023-54236

In the Linux kernel, the following vulnerability has been resolved: net/netfailover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the queue which is returned from the primary devic...

CVE-2022-50838

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50838

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

UBUNTU-CVE-2022-50838

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2023-54316

CVE-2023-54316 affects the Linux kernel refscale subsystem. The issue is a race where init_waitqueue_head() may be called after torture_create_kthread(), allowing a kthread to use an uninitialized waitqueue head and crash with a kernel PAGE_FAULT [not-present page] during ref_scale_reader executi...

CVE-2023-54316 refscale: Fix uninitalized use of wait_queue_head_t

In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...