Azure Linux 3.0 Security Update: kernel (CVE-2024-36478)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36478 advisory. - In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while...

CVE-2024-36478

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' Writing 'power' and 'submitqueues' concurrently will trigger kernel panic: Test script: modprobe nullblk nrdevices=0 mkdir -p...

CVE-2024-36478

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' Writing 'power' and 'submitqueues' concurrently will trigger kernel panic: Test script: modprobe nullblk nrdevices=0 mkdir -p...

CVE-2024-36478

CVE-2024-36478 affects the Linux kernel null_blk driver. The issue is a NULL pointer dereference that occurs when power and submit_queues are configured concurrently, leading to a kernel panic via a race between del_gendisk and NR HW queue updates. The fixes consolidate protection by reusing a gl...

CVE-2024-36478 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' Writing 'power' and 'submitqueues' concurrently will trigger kernel panic: Test script: modprobe nullblk nrdevices=0 mkdir -p...