1000 matches found
CVE-2021-47303 bpf: Track subprog poke descriptors correctly and fix use-after-free
In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling mappoketrack, but on program release there is no hook to call mappokeuntrack. However, on program release, the aux memory and poke...
SUSE CVE-2024-35960
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with netdev reference counting...
UBUNTU-CVE-2024-35869
In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tcon-ses are also...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from page reference counting of unaligned buffers in the bioreleasepages function...
DEBIAN-CVE-2023-7258
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past...
CVE-2023-7258
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past...
CVE-2023-7258
CVE-2023-7258 describes a denial-of-service issue in the Gvisor Sandbox. A bug in the reference counting for mount point tracking could cause a panic, enabling a root user with mount-permission to terminate the sandbox. Affected component is the Gvisor Sandbox’s mount-tracking logic; root-privile...
PT-2024-15255 · Google +1 · Gvisor Sandbox +1
Name of the Vulnerable Software and Affected Versions: Gvisor Sandbox affected versions not specified Description: A denial of service issue exists due to a bug in reference counting code in mount point tracking, which could lead to a panic. This makes it possible for an attacker running as root...
SUSE CVE-2022-48699
In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in updatescheddomaindebugfs Kuyo reports that the pattern of using debugfsremovedebugfslookup leaks a dentry and with a hotplug stress test, the machine eventually runs out of memory. Fix this up by...
DEBIAN-CVE-2022-48699
In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in updatescheddomaindebugfs Kuyo reports that the pattern of using debugfsremovedebugfslookup leaks a dentry and with a hotplug stress test, the machine eventually runs out of memory. Fix this up by...
SUSE CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
CVE-2024-27389
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...
CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
CVE-2024-27389
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...
AZL-67496 CVE-2024-27389 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...
CVE-2024-27389
In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...
DEBIAN-CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
UBUNTU-CVE-2024-26957
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...
UBUNTU-CVE-2024-26961
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel mac802154llseckeydel can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...