CLSA-2025-1739524909 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg...

CVE-2024-42249 spi: don't unoptimize message in spi_async()

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spiasync Calling spimaybeunoptimizemessage in spiasync is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the spi module calling spimaybeunoptimizemessage in spiasync is incorrect because the message may still be i...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a null pointer dereference in the spi module spisync...

CVE-2023-52749

CVE-2023-52749: In the Linux kernel, a race condition can cause a null pointer dereference during resume if a synchronous SPI transfer is active when suspending. The issue arises when a transfer context resumes after cur_msg was reset to NULL during suspend. Public details state a fix: ensure syn...