DEBIAN-CVE-2022-49597

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpbasemss. While reading sysctltcpbasemss, it can be changed concurrently. Thus, we need to add READONCE to its readers...

DEBIAN-CVE-2022-49522

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

DEBIAN-CVE-2022-49360

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...

CVE-2022-49356

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...

UBUNTU-CVE-2022-49522

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

UBUNTU-CVE-2022-49356

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...

UBUNTU-CVE-2022-49360

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...

DEBIAN-CVE-2022-49214

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...

CVE-2022-49214

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...

UBUNTU-CVE-2022-49214

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...

CVE-2022-49522 mmc: jz4740: Apply DMA engine limits to maximum segment size

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

CVE-2022-49522

CVE-2022-49522 concerns a Linux kernel MMC driver issue (mmc: jz4740) where DMA maps could exceed the DMA engine’s capabilities. The root cause is not a research-level flaw but an inadequate limit on the maximum segment size for DMA data transfers. The fix enforces DMA engine limits on the jz4740...

CVE-2022-49522

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

CVE-2022-49522 mmc: jz4740: Apply DMA engine limits to maximum segment size

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Do what is done in other DMA-enabled MMC host drivers cf. host/mmci.c and limit the maximum segment size based on the DMA engine's capabilities. This is needed to avoid...

CVE-2022-49356 SUNRPC: Trap RDMA segment overflows

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...

CVE-2022-49356

CVE-2022-49356 concerns a Linux kernel SUNRPC vulnerability where RDMA segment overflows could occur if svc_rdma_build_writes() walks past a Write chunk’s segment array. The fixed commit prevents walking off the end of the array and was validated with KASAN. The description notes the pre-fix test...

CVE-2022-49356

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...

CVE-2022-49356 SUNRPC: Trap RDMA segment overflows

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svcrdmabuildwrites from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlie...

CVE-2022-49214 powerpc/64s: Don't use DSISR for SLB faults

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...

CVE-2022-49214 powerpc/64s: Don't use DSISR for SLB faults

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...