34 matches found
UBUNTU-CVE-2022-49492
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix a NULL pointer dereference in nvmeallocadmintags In nvmeallocadmintags, the adminq can be set to an error typically -ENOMEM if the blkmqinitqueue call fails to set up the queue, which is checked immediately after th...
PT-2024-35665
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A race condition exists in the Linux kernel's f2fs file system, specifically in the f2fs stop gc thread function. This issue arises when concurrent calls are made to shut down the f2...
SUSE CVE-2024-47691
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fsstopgcthread syzbot reports a f2fs bug as below: dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x241/0x360 lib/dumpstack.c:114 printreport+0xe8/0x550 mm/kasan/report.c:491...
AZL-50882 CVE-2024-47691 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free in f2fsstopgcthread syzbot reports a f2fs bug as below: dumpstack lib/dumpstack.c:88 inline dumpstacklvl+0x241/0x360 lib/dumpstack.c:114 printreport+0xe8/0x550 mm/kasan/report.c:491...
SUSE CVE-2022-48894
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...
CVE-2022-48894
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...
CVE-2022-48894
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...
CVE-2022-48894 iommu/arm-smmu-v3: Don't unregister on shutdown
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...
DEBIAN-CVE-2024-43874
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...
CVE-2024-26769
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmetwq nested. Avoid this by deadlock by deferring the put work into its own work item...
SUSE CVE-2020-12658
gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional...
DEBIAN-CVE-2022-43552
A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...
UBUNTU-CVE-2020-12658
DISPUTED gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional...
Design/Logic Flaw
An issue was discovered in URVE Build 24.03.2020. Using the internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: internal/pc/abort.php, internal/pc/restart.php, internal/pc/vpro.php, internal/pc/wake.php,...