CVE-2024-36939 nfs: Handle error of rpc_proc_register() in nfs_net_init().

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...

CVE-2024-36902 ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. 1 Oops: general...

CVE-2024-36882 mm: use memalloc_nofs_save() in page_cache_ra_order()

In the Linux kernel, the following vulnerability has been resolved: mm: use memallocnofssave in pagecacheraorder See commit f2c817bed58d "mm: use memallocnofssave in readahead path", ensure that pagecacheraorder do not attempt to reclaim file-backed pages too, or it leads to a deadlock, found iss...

CVE-2021-47563 ice: avoid bpf_prog refcount underflow

In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpfprog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndobpf op and VSI rebuild flow. The latter takes place for example when user changes queue count on an interface...

CVE-2021-47462 mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()

In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: do not allow illegal MPOLFNUMABALANCING | MPOLLOCAL in mbind syzbot reported access to unitialized memory in mbind 1 Issue came with commit bda420b98505 "numa balancing: migrate on fault among multiple bound nodes"...

CVE-2023-52793

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2023-52793

CVE-2023-52793 is rejected by its CVE Numbering Authority and does not represent an active vulnerability entry.

CVE-2023-52793

Removed by vendor...

CVE-2023-52770

CVE-2023-52770 is a Linux-kernel (f2fs) issue: the bug stems from how extent_cache is allocated, with a split between initial and dynamic conditions that could trigger a panic during extent_cache updates (observed during a file creation with compressed flag and subsequent operations). The vulnera...

CVE-2021-47418 net_sched: fix NULL deref in fifo_set_limit()

In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...

CVE-2021-47418 net_sched: fix NULL deref in fifo_set_limit()

In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...

CVE-2021-47418

In the Linux kernel, the following vulnerability has been resolved: netsched: fix NULL deref in fifosetlimit syzbot reported another NULL deref in fifosetlimit 1 I could repro the issue with : unshare -n tc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit tc qd replace dev ...

CVE-2021-47395

In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211parsetxradiotap Limit max values for vht mcs and nss in ieee80211parsetxradiotap routine in order to fix the following warning reported by syzbot: WARNING: CPU: 0 PID: 10717 at...

CVE-2021-47376 bpf: Add oversize check before call kvcalloc()

In the Linux kernel, the following vulnerability has been resolved: bpf: Add oversize check before call kvcalloc Commit 7661809d493b "mm: don't allow oversized kvmalloc calls" add the oversize check. When the allocation is larger than what kmalloc supports, the following warning triggered: WARNIN...

CVE-2021-47376

CVE-2021-47376 is a Linux kernel issue where an oversize allocation in kmalloc path could trigger a warning during BPF verification. The provided description and connected advisories indicate the fix adds an oversize check before kvcalloc() via the commit that introduces the guard in mm/kvmalloc(...

CVE-2021-47375

In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...

CVE-2021-47341

In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvmvmioctlunregistercoalescedmmio BUG: KASAN: use-after-free in kvmvmioctlunregistercoalescedmmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalescedmmio.c:183 Read of size 8 at addr...

CVE-2024-35976 xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...

CVE-2024-35871

In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs-gp is never used since the kernel gp is not touched by switchto. For a...

CVE-2024-35873 riscv: Fix vector state restore in rt_sigreturn()

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rtsigreturn The RISC-V Vector specification states in "Appendix D: Calling Convention for Vector State" 1 that "Executing a system call causes all caller-saved vector registers v0-v31, vl, vtype...