50 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ice driver not handling scheduling correctly when dealing with aux critical error interrupts, which coul...
kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
CVE-2024-53089
CVE-2024-53089 concerns the Linux kernel on LoongArch with KVM. The issue arises from hrtimers that may be canceled/called in contexts that violate PREEMPT_RT rules, after timers are unmarked to expire in soft expiry but then canceled from a preempt-notifier with preemption disabled. The fix make...
CVE-2024-42290
In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clkprepare. However, on certain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokes sleeping function...
CVE-2021-47454 powerpc/smp: do not decrement idle task preempt count in CPU offline
In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPTCOUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0...
SUSE CVE-2024-26959
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...
Important: kernel-livepatch-5.10.179-171.711
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...
kernel: scsi: qla2xxx: Fix scheduling while atomic
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...
UBUNTU-CVE-2022-0298
Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...