79 matches found
CVE-2024-53095 smb: client: Fix use-after-free of network namespace.
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...
CVE-2024-53095
CVE-2024-53095 – Linux kernel SMB CIFS client UAF Issue: The CIFS/SMB client in the Linux kernel can use-after-free the network namespace (netns) when sockets are freed after the netns lifetime, triggering oopses during reconnect in Kubernetes pods that mount CIFS shares in non-root netns. Root c...
CVE-2024-50257
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...
CVE-2024-50257 netfilter: Fix use-after-free in get_info()
In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...
CVE-2024-49988
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
CVE-2024-49988 ksmbd: add refcnt to ksmbd_conn struct
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbdconn struct When sending an oplock break request, opinfo-conn is used, But freed -conn can be used on multichannel. This patch add a reference count to the ksmbdconn struct so that it can be freed when i...
CVE-2024-49982 aoe: fix the potential use-after-free problem in more places
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 "aoe: fix the potential use-after-free problem in aoecmdcfgpkts" makes tx calling devput instead of doing in aoecmdcfgpkts. It...
SUSE-SU-2024:3499-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate bsc1229454. -...
CVE-2024-42075 bpf: Fix remap of arena.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arenavmclose...
CVE-2024-40914 mm/huge_memory: don't unpoison huge_zero_folio
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: don't unpoison hugezerofolio When I did memory failure tests recently, below panic occurs: kernel BUG at include/linux/mm.h:1135! invalid opcode: 0000 1 PREEMPT SMP NOPTI CPU: 9 PID: 137 Comm: kswapd1 Not tainted...
CVE-2024-40914 mm/huge_memory: don't unpoison huge_zero_folio
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: don't unpoison hugezerofolio When I did memory failure tests recently, below panic occurs: kernel BUG at include/linux/mm.h:1135! invalid opcode: 0000 1 PREEMPT SMP NOPTI CPU: 9 PID: 137 Comm: kswapd1 Not tainted...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0006)
The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.87.2- net: sched: fix race condition in qdiscgraft Eric Dumazet Orabug: 35250827 CVE-2023-05904.1.12-124.87.1- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet Zhengchao Shao Orabug:...
CVE-2021-47532
In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fix OPP refcnt leak...
CVE-2021-47555
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...
CVE-2021-47555
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...
CVE-2021-47532
In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fix OPP refcnt leak...
CVE-2021-47555
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...
CVE-2021-47532
In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fix OPP refcnt leak...
CVE-2021-47555 net: vlan: fix underflow for the real_dev refcnt
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...
CVE-2021-47555 net: vlan: fix underflow for the real_dev refcnt
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix underflow for the realdev refcnt Inject error before devholdrealdev in registervlandev, and execute the following testcase: ip link add dev dummy1 type dummy ip link add name dummy1.100 link dummy1 type vlan id 100...