6033 matches found
CVE-2022-49696
In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...
CVE-2022-49647 cgroup: Use separate src/dst nodes when preloading css_sets for migration
In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...
CVE-2022-49647 cgroup: Use separate src/dst nodes when preloading css_sets for migration
In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...
CVE-2022-49647
CVE-2022-49647 affects the Linux kernel cgroups migration code. The vulnerability stems from overloading cset->mg_preload_node for both src and dst preload lists during task migrations, which could allow a cset to be simultaneously sourced and destined, risking a use-after-free if all tasks le...
CVE-2022-49647 cgroup: Use separate src/dst nodes when preloading css_sets for migration
In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...
CVE-2022-49647
In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...
CVE-2022-49547 btrfs: fix deadlock between concurrent dio writes when low on free data space
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between concurrent dio writes when low on free data space When reserving data space for a direct IO write we can end up deadlocking if we have multiple tasks attempting a write to the same file range, there ar...
CVE-2022-49465 blk-throttle: Set BIO_THROTTLED when bio has been throttled
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIOTHROTTLED when bio has been throttled 1.In current process, all bio will set the BIOTHROTTLED flag after blkthrotlbio. 2.If bio needs to be throttled, it will start the timer and stop submit bio directly. Bio...
CVE-2022-49395 um: Fix out-of-bounds read in LDT setup
In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in...
CVE-2022-49217 scsi: pm8001: Fix abort all task initialization
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero...
CVE-2022-49217
CVE-2022-49217 (Linux kernel) : In the PM8001 SCSI path, the n_elem field of the CCB used in abort/read paths can be left uninitialized (n_elem not set to 0). This can cause the task completion path to observe a non‑zero n_elem, triggering invalid dma_unmap_sg() calls in pm8001_ccb_task_free() an...
CVE-2022-49217 scsi: pm8001: Fix abort all task initialization
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero...
CVE-2022-49217
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb used is not initialized to 0. This missing initialization sometimes lead to the task completion path seeing the ccb with a non-zero...
CVE-2022-49179
CVE-2022-49179 is a Linux kernel UAF in the block I/O BFQ scheduler (block, bfq: don’t move oom_bfqq). The issue manifests as a use-after-free in bfq_put_async_bfqq() during module removal (rmmod) and BFQ/blk-mq teardown, with 1024-byte slab allocations implicated. Unity Linux advisories UTSA-202...
CVE-2022-49169
CVE-2022-49169 concerns the Linux kernel’s f2fs module and a race/lock issue that could cause a hang. The connected advisories document that the fix is to replace a mutex-based path with a spin_lock, specifically to avoid hang scenarios in f2fs when handling certain task reads and statistics oper...
CVE-2022-49123
In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: 25393.301506 ath11kpci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: 25398.421509 ath11kpci 0000:01:00.0: failed to flush mgm...
CVE-2022-49120
CVE-2022-49120 pertains to the Linux kernel SCSI pm8001 path. The vulnerability is a task leak in pm8001_send_abort_all() where allocated SAS tasks may not be freed if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail. The fix ensures proper freeing of the SAS task in those failure paths. Public ...
CVE-2022-49120 scsi: pm8001: Fix task leak in pm8001_send_abort_all()
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001sendabortall In pm8001sendabortall, make sure to free the allocated sas task if pm8001tagalloc or pm8001mpibuildcmd fail...
CVE-2022-49120 scsi: pm8001: Fix task leak in pm8001_send_abort_all()
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001sendabortall In pm8001sendabortall, make sure to free the allocated sas task if pm8001tagalloc or pm8001mpibuildcmd fail...
CVE-2022-49120
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001sendabortall In pm8001sendabortall, make sure to free the allocated sas task if pm8001tagalloc or pm8001mpibuildcmd fail...