PT-2026-27650

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where a null-pointer dereference can occur in the drbd request endio function. This happens when READ COMPLETED WITH ERROR is passed to req mod with a...

CVE-2024-58001 ocfs2: handle a symlink read error correctly

In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle a symlink read error correctly Patch series "Convert ocfs2 to use folios". Mark did a conversion of ocfs2 to use folios and sent it to me as a giant patch for review ;- So I've redone it as individual patches, and...

kernel: net: asix: add proper error handling of usb read errors

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

CLSA-2024-1707420277 Fix CVE(s): CVE-2023-46589

SECURITY UPDATE: Incorrect parsing of HTTP trailer headers - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs -...

evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail()

The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...