1000 matches found

OSV
added 2024/05/01 6:15 a.m. | 0 views

UBUNTU-CVE-2024-26961

In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del. mac802154_llsec_key_del() can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to...

CVSS 7.8 | AI score 6.2 | EPSS 0.00015
Exploits: 0 | References: 23
Debian CVE
added 2024/05/01 5:19 a.m. | 14 views

CVE-2024-26957

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...

CVSS 7.8 | AI score 7.2 | EPSS 0.00017
Exploits: 0
Vulnrichment
added 2024/05/01 5:19 a.m. | 16 views

CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...

AI score 6.6 | EPSS 0.00017
Exploits: 0 | References: 9
Cvelist
added 2024/05/01 5:19 a.m. | 17 views

CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...

AI score 7.8 | EPSS 0.00017
Exploits: 0 | References: 9
CVE
added 2024/05/01 5:19 a.m. | 6060 views

CVE-2024-26957

CVE-2024-26957 relates to the Linux kernel’s s390/zcrypt subsystem, where reference counting on zcrypt card objects was fixed to prevent a use-after-free of the zcrypt_card during hot-plug/probe/remove cycles. The issue could allow freeing a zcrypt card object while it is still in use, as demonst...

CVSS 7.8 | AI score 6.4 | EPSS 0.00017
Exploits: 0 | References: 10 | Affected Software: 1
OSV
added 2024/05/01 5:19 a.m. | 15 views

CVE-2024-26957 s390/zcrypt: fix reference counting on zcrypt card objects

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. Tests with hot-plugging crypto cards on KVM guests with debug kernel build revealed a use after free for the load field of the struct zcrypt_card. The reason was an...

CVSS 7.8 | AI score 6 | EPSS 0.00017
Exploits: 0 | References: 13
CNNVD
added 2024/05/01 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a security flaw in refcount...

CVSS 5.5 | AI score 6.5 | EPSS 0.00014
Exploits: 0 | References: 8
RedHat Linux
added 2024/04/30 9:57 a.m. | 3 views

kernel: smb: client: fix missed ses refcounting

A use-after-free vulnerability was found in the Linux kernel's SMB client implementation. When handling SMB sessions with DFS (Distributed File System) root sessions, the code fails to properly increment the reference count for both the session and its dfs_root_ses. This can cause the dfs_root_ses to b...

AI score 5.8 | EPSS 0.00026
Exploits: 0 | References: 5
RedHat Linux
added 2024/04/30 9:57 a.m. | 1 views

kernel: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox(). pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count. Since 'dev' is only used in...

CVSS 5.5 | AI score 6.8 | EPSS 0.00023
Exploits: 0 | References: 5
RedHat Linux
added 2024/04/23 12:34 p.m. | 3 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00119
Exploits: 0 | References: 6
Veracode
added 2024/04/19 1:20 a.m. | 22 views

Use-After-Free

Firefox and Thunderbird are vulnerable to a use-after-free vulnerability. The vulnerability is due to incorrect reference counting, where assigning an AlignedBuffer to itself can lead to an incorrect reference count and subsequent use-after-free...

CVSS 4 | AI score 6.5 | EPSS 0.00119
Exploits: 0 | References: 7 | Affected Software: 3
RedHat Linux
added 2024/04/18 9:44 a.m. | 1 views

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

CVSS 4 | AI score 7.3 | EPSS 0.00119
Exploits: 0 | References: 6
Amazon
added 2024/04/18 12:0 a.m. | 2 views

Important: xorg-x11-server

Issue Overview: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a clie...

CVSS 7.8 | AI score 7 | EPSS 0.00123
Exploits: 0
CNNVD
added 2024/04/16 12:0 a.m. | 3 views

Mozilla Firefox security vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 125, which stems from the fact that if an AlignedBuffer is assigned to itself, subsequent self-moves may result in incorrect reference countin...

CVSS 4 | AI score 6.8 | EPSS 0.00119
Exploits: 0 | References: 6
SUSE CVE
added 2024/04/15 11:20 p.m. | 1 views

SUSE CVE-2021-47200

In the Linux kernel, the following vulnerability has been resolved: drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap. drm_gem_ttm_mmap() drops a reference to the gem object on success. If the gem object's refcount == 1 on entry to drm_gem_prime_mmap(), that drop will free the gem object, and the...

CVSS 5.5 | AI score 6.6 | EPSS 0.00015
Exploits: 0 | References: 11
RedhatCVE
added 2024/04/03 10:35 p.m. | 20 views

CVE-2023-52638

A vulnerability was found in the Linux kernel's Controller Area Network (CAN) protocol, within the J1939 protocol implementation. This issue occurs due to a potential deadlock caused by a race condition involving three locks: j1939_socks_lock, active_session_list_lock, and sk_session_queue_lock. This issue...

CVSS 5.5 | AI score 6.9 | EPSS 0.00011
Exploits: 0 | References: 4
OSV
added 2024/04/03 3:15 p.m. | 5 views

DEBIAN-CVE-2023-52638

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock. The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939_socks_lock - active_session_list_lock -...

CVSS 5.5 | AI score 5.7 | EPSS 0.00011
Exploits: 0 | References: 1
OSV
added 2024/04/03 2:54 p.m. | 8 views

CVE-2023-52638 can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock. The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939_socks_lock - active_session_list_lock -...

CVSS 5.5 | AI score 5.9 | EPSS 0.00011
Exploits: 0 | References: 8
CVE
added 2024/04/03 2:54 p.m. | 121 views

CVE-2023-52638

CVE-2023-52638: Linux kernel patch changes the j1939_socks_lock to an rwlock to prevent a deadlock among j1939_socks_lock, active_session_list_lock, and sk_session_queue_lock. Patched code reduces circular lock dependency when a thread already holds j1939_socks_lock and may acquire sk_session_qu...

CVSS 5.5 | AI score 6.3 | EPSS 0.00011
Exploits: 0 | References: 5 | Affected Software: 1
SUSE CVE
added 2024/03/19 3:50 a.m. | 1 views

SUSE CVE-2021-47118

In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing cad_pid. During boot, kernel_init_freeable() initializes cad_pid to the init task's struct pid. Later on, we may change cad_pid via a sysctl, and when this happens proc_do_cad_pid() will increment the...

CVSS 5.5 | AI score 7.7 | EPSS 0.00015
Exploits: 0 | References: 11