CVE-2022-49196 powerpc/pseries: Fix use after free in remove_phb_dynamic()

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix use after free in removephbdynamic In removephbdynamic we use &phb-ioresource, after we've called deviceunregister&hostbridge-dev. But the unregister may have freed phb, because pcibiosfreecontrollerdeferred ...

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddpcomp with devmkcalloc In the case where connroutes is true we allocate an extra slot in the ddpcomp array but mtkdrmcrtccreate never seemed to initialize it in the test case I ran. For me, this caused a late...

CVE-2024-38592 drm/mediatek: Init `ddp_comp` with devm_kcalloc()

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddpcomp with devmkcalloc In the case where connroutes is true we allocate an extra slot in the ddpcomp array but mtkdrmcrtccreate never seemed to initialize it in the test case I ran. For me, this caused a late...

CVE-2021-47561 i2c: virtio: disable timeout handling

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C bus and/or memory corruptions in the guest since the device can still be operating on the buffers it was given while the guest...

CVE-2022-48649

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fix possible double free of kmemcache When doing slubdebug test, kfence's 'testmemcachetypesafebyrcu' kunit test case cause a use-after-free error: BUG: KASAN: use-after-free in kobjectdel+0x14/0x30 Read of size 8 ...

CVE-2023-52562

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fix slabcaches list corruption after kmemcachedestroy After the commit in Fixes:, if a module that created a slab cache does not release all of its allocated objects before destroying the cache at rmmod time, we...

CVE-2023-52562 mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy()

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fix slabcaches list corruption after kmemcachedestroy After the commit in Fixes:, if a module that created a slab cache does not release all of its allocated objects before destroying the cache at rmmod time, we...

CVE-2023-52562 mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy()

In the Linux kernel, the following vulnerability has been resolved: mm/slabcommon: fix slabcaches list corruption after kmemcachedestroy After the commit in Fixes:, if a module that created a slab cache does not release all of its allocated objects before destroying the cache at rmmod time, we...

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfsshiftfs Error Path

Ubuntu 19.10 - ubuntu-aufs-modified mmapregion Breaks Refcounting in overlayfsshiftfs Error Path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c:...

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

Ubuntu ubuntu-aufs-modified mmap_region() Refcounting Issue

Ubuntu: ubuntu-aufs-modified mmapregion breaks refcounting in overlayfs/shiftfs error path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c:...