CVE-2024-40954

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

CVE-2024-40982

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-40954

The CVE-2024-40954 entry concerns a Linux kernel UAF: a dangling sk pointer may be created on socket creation failure when an fentry probe hits __sock_release() and bpf_get_socket_cookie() is invoked, enabling a use-after-free in __sock_gen_cookie. Reproducing scenario described via traceroute -I...

CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

CVE-2024-40954 net: do not leave a dangling sk pointer, when socket creation fails

In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is possible to trigger a use-after-free by: attaching an fentry probe to sockrelease and the probe calling the bpfgetsocketcookie helper running traceroute -I...

CVE-2024-39486 drm/drm_file: Fix pid refcounting race

In the Linux kernel, the following vulnerability has been resolved: drm/drmfile: Fix pid refcounting race , Maxime Ripard , Thomas Zimmermann filp-pid is supposed to be a refcounted pointer; however, before this patch, drmfileupdatepid only increments the refcount of a struct pid after storing a...

CVE-2024-39477

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vmaaddreservation upon ENOMEM sysbot reported a splat 1 on unmaphugepagerange. This is because vmaneedsreservation can return -ENOMEM if allocatefileregionentries fails to allocate the fileregion struct fo...

AZL-43071 CVE-2024-37298 affecting package libcontainers-common for versions less than 20210626-4

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

CVE-2024-37298

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

CVE-2024-39461

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39462

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39461

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39462 clk: bcm: dvp: Assign ->num before accessing ->hws

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39461 clk: bcm: rpi: Assign ->num before accessing ->hws

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the bounds sanitizer...

CVE-2024-39461

In Linux kernel CVE-2024-39461, the Raspberry Pi clock code (clk/bcm/clk-raspberrypi.c) accessed the hws array before initializing hws->num, triggering UBSAN array-index-out-of-bounds warnings. The fix moves the initialization of ->num ahead of the first access to ->hws, removing the out...

SUSE CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

SUSE CVE-2024-38594

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmacpriv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the lo...

AZL-42854 CVE-2024-36481 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer-reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we cou...