EUVD-2024-53302

Malicious code in bioql PyPI...

AZL-62633 CVE-2024-57875 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: block: RCU protect disk-convzonesbitmap Ensure that a disk revalidation changing the conventional zones bitmap of a disk does not cause invalid memory references when using the diskzoneisconv helper by RCU protecting the...

CVE-2024-56654

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix using rcureadunlock while iterating The usage of rcureadunlock while inside listforeachentryrcu is not safe since for the most part entries fetched this way shall be treated as rcudereference: Note that t...

CVE-2024-56654 Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix using rcureadunlock while iterating The usage of rcureadunlock while inside listforeachentryrcu is not safe since for the most part entries fetched this way shall be treated as rcudereference: Note that t...

CVE-2024-53216

In the Linux kernel, the following vulnerability has been resolved: nfsd: release svcexpkey/svcexport with rcuwork The last reference for cachehead can be reduced to zero in cshow and eshowusing rcureadlock and rcureadunlock. Consequently, svcexportput and expkeyput will be invoked, leading to tw...

CVE-2024-53047 mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

CVE-2024-44986

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...

CVE-2024-44985

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...

CVE-2024-44987

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb syzbot reported an UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb "ipv...

CVE-2024-44985 ipv6: prevent possible UAF in ip6_xmit()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...

CVE-2024-44986 ipv6: fix possible UAF in ip6_finish_output2()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6finishoutput2 If skbexpandhead returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcureadlock to make sure the dst and associated idev are alive...

CVE-2024-44986

CVE-2024-44986 affects the Linux kernel IPv6 path. A use-after-free can occur in ip6_finish_output2() if skb_expand_head() returns NULL, potentially freeing skb and its dst/idev; the code must hold rcu_read_lock() to keep dst/idev alive. The provided connected documents confirm a kernel fix in th...

CVE-2024-44985 ipv6: prevent possible UAF in ip6_xmit()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6xmit If skbexpandhead returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcureadlock to prevent a possible UAF...

CVE-2024-43853

A use-after-free UAF flaw was found in the proccpusetshow function. This issue can allow an attacker to access the css of the root caused by a race condition when the cgrouproot should be freed when it is unmounted from the resource. Mitigation No mitigation is available for this issue other than...

CVE-2024-43853

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

CVE-2024-43834

In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of pagepooldestroy If the driver uses a page pool, it creates a page pool with pagepoolcreate. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...

CVE-2024-43853 cgroup/cpuset: Prevent UAF in proc_cpuset_show()

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

CVE-2024-43853 cgroup/cpuset: Prevent UAF in proc_cpuset_show()

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

CVE-2024-43853 cgroup/cpuset: Prevent UAF in proc_cpuset_show()

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as reported in 1. This can be reproduced by the following methods: 1.add an mdelay1000 before acquiring the cgrouplock In the cgrouppathns...

CVE-2024-43834 xdp: fix invalid wait context of page_pool_destroy()

In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of pagepooldestroy If the driver uses a page pool, it creates a page pool with pagepoolcreate. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...