1685 matches found
kernel: Linux kernel: md/raid10 soft lockup due to unlimited plugged bio
A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the RAID10 implementation. This vulnerability allows a local user to trigger a soft lockup, leading to a Denial of Service DoS. The issue arises because the md/raid10 component lacks a limit on plugged bio block...
kernel: md: don't dereference mddev after export_rdev()
A use-after-free vulnerability was found in the Linux kernel multiple device RAID subsystem's device lifetime management. A local user with privileges to manage MD arrays can trigger concurrent device addition and removal operations via sysfs, causing a race condition where the mddev structure is...
CLSA-2024-1713791231 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of txpend waits in socket closing - net/smc: fix kernel panic caused by race of smcsock CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url:...
CLSA-2024-1713791075 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...
CLSA-2024-1713790844 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...
SUSE CVE-2024-26899
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...
CVE-2024-26899
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...
CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...
CVE-2024-26899
CVE-2024-26899 — Linux kernel deadlock fix details : Affected component is the block layer in the Linux kernel. The issue arises when bd_link_disk_holder() uses the global open_mutex to guard the creation of a symlink between a holding disk and a slave bdev during driver initialization/modificati...
CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan
In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...
The vulnerability of the implementation of RAID arrays based on Intel VROC chips stems from access control deficiencies, allowing attackers to enhance their privileges.
The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the implementation of RAID arrays based on Intel VROC chips arises from the improper use of standard resolutions. This allows a hacker to increase their privileges.
The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to the improper use of standard resolutions. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the implementation of RAID arrays based on Intel VROC chips lies in the uncontrolled search element, which allows a hacker to increase their privileges.
The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
SUSE CVE-2024-26756
In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...
SUSE CVE-2024-26757
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...
CVE-2024-26756
In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...
CVE-2024-26757
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...
AZL-58753 CVE-2024-26756 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...
DEBIAN-CVE-2024-26756
In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...
CVE-2024-26758
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...