CVE-2024-56569 ftrace: Fix regression with module command in stack_trace_filter

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stacktracefilter When executing the following command: echo "write:mod:ext3" /sys/kernel/tracing/stacktracefilter The current mod command causes a null pointer dereference. While comm...

CVE-2024-56569 ftrace: Fix regression with module command in stack_trace_filter

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stacktracefilter When executing the following command: echo "write:mod:ext3" /sys/kernel/tracing/stacktracefilter The current mod command causes a null pointer dereference. While comm...

CVE-2024-56569 ftrace: Fix regression with module command in stack_trace_filter

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stacktracefilter When executing the following command: echo "write:mod:ext3" /sys/kernel/tracing/stacktracefilter The current mod command causes a null pointer dereference. While comm...

CVE-2024-56569

Technical details about CVE-2024-56569 are not publicly provided in the supplied documents. No vendor/product/version specifics, exploit info, or remediation details are present beyond the initial description. Monitor for updates.

CVE-2024-56550 s390/stacktrace: Use break instead of return statement

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement archstackwalkusercommon contains a return statement instead of a break statement in case storeip fails while trying to store a callchain entry of a user space process. This m...

CVE-2024-56550

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement archstackwalkusercommon contains a return statement instead of a break statement in case storeip fails while trying to store a callchain entry of a user space process. This m...

UBUNTU-CVE-2024-56543

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...

CVE-2024-51460

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system...

CVE-2024-53095

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. 0 The workload runs on Kubernetes, and some pods mount CIFS servers in non-root...

CVE-2024-50140

CVE-2024-50140 involves a Linux kernel vulnerability in sched/core where page allocation is disabled during task_tick_mm_cid(). With KASAN and PREEMPT_RT enabled, a call to task_work_add() within task_tick_mm_cid() can sleep in an invalid context, triggering a BUG in stack/depot and related alloc...

CVE-2024-50140 sched/core: Disable page allocation in task_tick_mm_cid()

In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in tasktickmmcid With KASAN and PREEMPTRT enabled, calling taskworkadd in tasktickmmcid may cause the following splat. 63.696416 BUG: sleeping function called from invalid context at...

CVE-2024-49867 btrfs: wait for fixup workers before stopping cleaner kthread during umount

In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at closectree, we have the following steps in this order: 1 Park the cleaner kthread - this doesn't destroy the kthread, it basically hal...

CVE-2024-49867 btrfs: wait for fixup workers before stopping cleaner kthread during umount

In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at closectree, we have the following steps in this order: 1 Park the cleaner kthread - this doesn't destroy the kthread, it basically hal...

CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev Blamed commit accidentally removed a check for rt-rt6iidev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-42301)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42301 advisory. - In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of- bound...

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

CVE-2024-47763 Wasmtime runtime crash when combining tail calls with trapping imports

Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The runtime crash may be undefined behavior if Wasmtime was compiled with Rust 1.80 or prior. The runtim...

CVE-2024-46760

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtwrxfillrxstatus on hw object and/or its fields because initialization routine can start getting USB replie...

CVE-2024-46760 wifi: rtw88: usb: schedule rx work after everything is set up

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtwrxfillrxstatus on hw object and/or its fields because initialization routine can start getting USB replie...

CVE-2024-46734 btrfs: fix race between direct IO write and fsync when using same fd

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...