CVE-2022-48640 bonding: fix NULL deref in bond_rr_gen_slave_id

In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct bonding.rrtxcounter member because if a bond is initially created with an initial mode != zero Round Robin the memory required for the counter is...

CVE-2024-26903 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcommchecksecurity During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection and...

Path Traversal

gin-vue-admin is vulnerable to Path Traversal. The vulnerability is due to improper validation for PlugName field within a struct, which allows an attacker to perform directory traversal by manipulating the plugName parameter in the Plugin System - Plugin Template feature...

whoami stack buffer overflow on several Unix platforms

With versions of the whoami crate = 0.5.3 and = 0.5.3 and 1.0.1, calling any of the above functions also leads to a stack buffer overflow on these platforms: - Bitrig - DragonFlyBSD - FreeBSD - NetBSD - OpenBSD This occurs because of an incorrect definition of the passwd struct on those platforms...

CVE-2024-26733

A vulnerability was found in the arpreqget function in the Linux kernel when handling the SIOCGARP ioctl input/output control request. This function copies data over into a fixed-length buffer which could result in a buffer overflow and cause memory corruption, undefined behavior, or crashes...

CVE-2024-26753

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio/akcipher - Fix stack overflow on memcpy sizeofstruct virtiocryptoakciphersessionpara is less than sizeofstruct virtiocryptoopctrlreq::u, copying more bytes from stack variable leads stack overflow. Clang reports th...

CVE-2024-26733 arp: Prevent overflow in arp_req_get().

In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. syzkaller reported an overflown write in arpreqget. 0 When ioctlSIOCGARP is issued, arpreqget looks up an neighbour entry and copies neigh-ha to struct arpreq.arpha.sadata. The arpha here is...

CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

CVE-2024-26711 iio: adc: ad4130: zero-initialize clock init data

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...

CVE-2024-26711

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clkinitdata struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...

CVE-2024-26690

CVE-2024-26690 affects the Linux kernel stmmac driver: it fixes a race in 64-bit statistics counters by splitting u64_stats_sync into three groups and adding per-CPU stats to avoid mutual-exclusion issues across tx, NAPI, and interrupt contexts. The write side of u64_stats_sync must be serialized...

CVE-2024-26690 net: stmmac: protect updates of 64-bit statistics counters

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

CVE-2024-26690 net: stmmac: protect updates of 64-bit statistics counters

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of struct u64statssync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking...

CVE-2024-26676

In the Linux kernel, the following vulnerability has been resolved: afunix: Call kfreeskb for dead unixsk-oobskb in GC. syzbot reported a warning 0 in unixgc with a repro, which creates a socketpair and sends one socket's fd to itself using the peer. socketpairAFUNIX, SOCKSTREAM, 0, 3, 4 = 0...

PT-2024-26767 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null pointer dereference in the aio complete function. Specifically, list del init careful needs to be the last access to the wait queue entry, as it...

CVE-2021-47180 NFC: nci: fix memory leak in nci_allocate_device

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...

CVE-2021-47180

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...

CVE-2021-47180

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nciallocatedevice nfcmrvldisconnect fails to free the hcidev field in struct ncidev. Fix this by freeing hcidev in ncifreedevice. BUG: memory leak unreferenced object 0xffff888111ea6800 size 1024: com...

PT-2024-11215 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an incorrect limit in the filelayout decode layout function, where the size of struct nfs fh is two bytes too large, potentially leading to memory corruption. T...

CVE-2024-26638

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...