1028 matches found
SUSE CVE-2024-56549
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object-file lifetime are inconsistent, and...
CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
DEBIAN-CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
UBUNTU-CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
CVE-2024-56645
CVE-2024-56645 affects the Linux kernel CAN j1939 implementation. The fix in j1939_session_new() adds an extra skb_get() for the initial skb to match j1939_session_skb_queue() and prevent skb refcount underflow. Connected advisories (Astra Linux, AlmaLinux errata, etc.) reiterate the same, confir...
CVE-2024-56645 can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
CVE-2024-56645 can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
DEBIAN-CVE-2024-56549
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object-file lifetime are inconsistent, and...
AZL-55195 CVE-2024-56549 affecting package kernel for versions less than 6.6.78.1-1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object-file lifetime are inconsistent, and...
DEBIAN-CVE-2024-53177
In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to opencacheddir error paths If opencacheddir encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in opencacheddir freeing the...
UBUNTU-CVE-2024-53177
In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to opencacheddir error paths If opencacheddir encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in opencacheddir freeing the...
CVE-2024-53177
CVE-2024-53177 relates to the Linux kernel SMB/CIFS implementation. The issue is a use-after-free in smb2_cached_lease_break/open_cached_dir race: when open_cached_dir() errors parsing a lease, a race with a lease-break can free a cfid while pending work remains. The fix drops references instead ...
AZL-54135 CVE-2024-53138 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of getpage and pagerefinc APIs to increment the page reference. But on the release path mlx5ektlstxhandleresyncdumpcomp, only putpage is use...
UBUNTU-CVE-2024-53138
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of getpage and pagerefinc APIs to increment the page reference. But on the release path mlx5ektlstxhandleresyncdumpcomp, only putpage is use...
kernel: drm/amdgpu: change vm->task_info handling
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm-taskinfo handling This patch changes the handling and lifecycle of vm-taskinfo object. The major changes are: - vm-taskinfo is a dynamically allocated ptr now, and its uasge is reference counted. - introduci...
SUSE CVE-2024-53095
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...
DEBIAN-CVE-2024-53095
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...
UBUNTU-CVE-2024-53095
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...
CVE-2024-53095 smb: client: Fix use-after-free of network namespace.
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...
Unspecified vulnerability in Linux kernel (CNVD-2024-46400)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of reference counting in the macprobe function, leading to reference disclosure. No detail...