18 matches found
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2024-41054
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...
CVE-2024-41053
A flaw was found in the ufshcd-core module in the Linux kernel. A race condition between the ufshcdabortone function and the completion ISR can cause a NULL pointer dereference, resulting in a denial of service...
CVE-2024-41053
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone racing issue When ufshcdabortone is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by ISR. Return success when request is completed by ISR...
CVE-2024-41054 scsi: ufs: core: Fix ufshcd_clear_cmd racing issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...
CVE-2024-41054 scsi: ufs: core: Fix ufshcd_clear_cmd racing issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...
CVE-2024-41054 scsi: ufs: core: Fix ufshcd_clear_cmd racing issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...
CVE-2024-41054
CVE-2024-41054 is a Linux kernel vulnerability in the SCSI/UFS subsystem (ufshcd_clear_cmd racing with the completion ISR). The race can lead to a NULL pointer dereference when the ISR completes a request, with a backtrace showing blk_mq_unique_tag and ufshcd_clear_cmd paths in the ufshc_mediatek...
CVE-2024-41053 scsi: ufs: core: Fix ufshcd_abort_one racing issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone racing issue When ufshcdabortone is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by ISR. Return success when request is completed by ISR...
CVE-2024-41053 scsi: ufs: core: Fix ufshcd_abort_one racing issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone racing issue When ufshcdabortone is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by ISR. Return success when request is completed by ISR...
CVE-2024-41053
The CVE-2024-41053 issue affects the Linux kernel’s SCSI/ufs path. It concerns ufshcd_abort_one racing with the completion ISR, which can cause the request’s mq_hctx pointer to be NULL at ISR completion and may lead to a kernel NULL pointer dereference (as shown in the backtrace). The description...
CVE-2023-52785
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...
CVE-2023-52785
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...
CVE-2023-52785 scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...
CVE-2023-52785 scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...
CVE-2023-52785 scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcdmcqabort and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcdmcqabort clears lprb-cmd and a NULL pointer deref happens in the ISR. Error log:...
CVE-2024-26737
CVE-2024-26737 is a Linux kernel vulnerability resolved by a patch that fixes a race between bpf_timer_cancel_and_free and bpf_timer_cancel, which could cause a use-after-free (UAF) of timer structures. The fix frees timer->timer after an RCU grace period (RCU head added to struct bpf_hrtimer)...
GSD-2022-1001107 rxrpc: Fix call timer start racing with call destruction
rxrpc: Fix call timer start racing with call destruction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...