6038 matches found
UBUNTU-CVE-2024-50079
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
CVE-2024-50082 blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...
CVE-2024-50082 blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...
CVE-2024-50079 io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
CVE-2024-50079
CVE-2024-50079 affects the Linux kernel io_uring/sqpoll path. When sqpoll exits and cancels pending work items, it may call task_work from within io_uring_cancel_generic() while the task is not TASK_RUNNING, risking a scheduler splat as the ring mutex is grabbed in an interruptible state. The roo...
CVE-2024-50079 io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not ensuring that the task status is TASKRUNNING when running taskwork, which could result in a warning to t...
The vulnerability of the enqueue_task_dl() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the enqueuetaskdl function in the kernel/sched/deadline.c module of the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...
UBUNTU-CVE-2024-48706
Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the title parameter with action=add or action=editform within the a managemessage.php file and b managetask.php file respectively...
SUSE CVE-2022-48950
In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfpendingtask UaF Per syzbot it is possible for perfpendingtask to run after the event is free'd. There are two related but distinct cases: - the taskwork was already queued before destroying the event; - destroying t...
CVE-2024-50040
In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...
Collabtive 安全漏洞
Collabtive is a web-based project management system. The system includes features such as project management, document management and time tracking. A security vulnerability exists in Collabtive version 3.1, which stems from the presence of a cross-site scripting XSS vulnerability that can be...
PT-2024-37055
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc3 Description A potential deadlock issue has been identified in the Linux kernel's f2fs subsystem. The issue arises from a possible circular locking dependency detected in the f2fs record stop reason...
CVE-2024-48706
Collabtive 3.1 is vulnerable to cross-site scripting (XSS) via the title parameter when using action=add (managemessage.php) or action=editform (managetask.php). Root cause is unsanitized input in the title field. Affected: Collabtive 3.1. Exploitation details are not provided beyond the affected...
CVE-2024-50042
In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 /sys/bus/pci/devices/$PFPCI/sriovdriversautoprobe...
AZL-51453 CVE-2024-50019 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...
CVE-2022-48983
In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
DEBIAN-CVE-2022-48950
In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfpendingtask UaF Per syzbot it is possible for perfpendingtask to run after the event is free'd. There are two related but distinct cases: - the taskwork was already queued before destroying the event; - destroying t...
UBUNTU-CVE-2022-48950
In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfpendingtask UaF Per syzbot it is possible for perfpendingtask to run after the event is free'd. There are two related but distinct cases: - the taskwork was already queued before destroying the event; - destroying t...
UBUNTU-CVE-2024-50019
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...