DEBIAN-CVE-2021-47355

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstarcleanup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

DEBIAN-CVE-2021-47321

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling deltimersync This driver's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

DEBIAN-CVE-2021-47324

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the...

UBUNTU-CVE-2021-47321

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling deltimersync This driver's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

UBUNTU-CVE-2021-47324

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the...

UBUNTU-CVE-2021-47323

In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520wdt: Fix possible use-after-free in wdtturnoff This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

UBUNTU-CVE-2021-47305

In the Linux kernel, the following vulnerability has been resolved: dma-buf/syncfile: Don't leak fences on merge failure Each addfence call does a dmafenceget on the relevant fence. In the error path, we weren't calling dmafenceput so all those fences got leaked. Also, in the kreallocarray failur...

UBUNTU-CVE-2021-47357

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in iamoduleexit This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running afte...

UBUNTU-CVE-2021-47356

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFCcleanup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the...

SUSE CVE-2024-35794

In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen syncthread during suspend 1 commit f52f5c71f3d4 "md: fix stopping sync thread" remove MDRECOVERYFROZEN from mdstopwrites and doesn't realize that dm-raid relies on mdstopwrites to frozen syncthread...

SUSE CVE-2024-35808

In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call mdreapsyncthread directly Currently mdreapsyncthread is called from raidmessage directly without holding 'reconfigmutex', this is definitely unsafe because mdreapsyncthread can change many fields that is...

SUSE CVE-2024-35887

In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25dsdeltimer When the ax25 device is detaching, the ax25devdevicedown calls ax25dsdeltimer to cleanup the slavetimer. When the timer handler is running, the ax25dsdeltimer that calls...

SUSE CVE-2024-35910

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

DEBIAN-CVE-2024-35978

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hcireqsynccomplete In 'hcireqsynccomplete', always free the previous sync request state before assigning reference to a new one...

AZL-42226 CVE-2024-35978 affecting package kernel for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hcireqsynccomplete In 'hcireqsynccomplete', always free the previous sync request state before assigning reference to a new one...

UBUNTU-CVE-2024-35978

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hcireqsynccomplete In 'hcireqsynccomplete', always free the previous sync request state before assigning reference to a new one...

AZL-54730 CVE-2024-35887 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25dsdeltimer When the ax25 device is detaching, the ax25devdevicedown calls ax25dsdeltimer to cleanup the slavetimer. When the timer handler is running, the ax25dsdeltimer that calls...

UBUNTU-CVE-2024-35910

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

UBUNTU-CVE-2024-35887

In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25dsdeltimer When the ax25 device is detaching, the ax25devdevicedown calls ax25dsdeltimer to cleanup the slavetimer. When the timer handler is running, the ax25dsdeltimer that calls...

SUSE CVE-2024-27408

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled...