24 matches found
DEBIAN-CVE-2024-50140
In the Linux kernel, the following vulnerability has been resolved: sched/core: Disable page allocation in tasktickmmcid With KASAN and PREEMPTRT enabled, calling taskworkadd in tasktickmmcid may cause the following splat. 63.696416 BUG: sleeping function called from invalid context at...
DEBIAN-CVE-2024-50079
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
CVE-2024-50079 io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
CVE-2024-50079 io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
CVE-2024-50079
CVE-2024-50079 affects the Linux kernel io_uring/sqpoll path. When sqpoll exits and cancels pending work items, it may call task_work from within io_uring_cancel_generic() while the task is not TASK_RUNNING, risking a scheduler splat as the ring mutex is grabbed in an interruptible state. The roo...
SUSE CVE-2022-48983
In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
CVE-2022-48950
A use-after-free vulnerability was found in the Linux kernel. It is possible for perfpendingtask to run after the event is free, resulting in a loss of system availability. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Produ...
CVE-2022-48983
In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
UBUNTU-CVE-2022-48983
In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
CVE-2022-48983 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
In the Linux kernel, the following vulnerability has been resolved: iouring: Fix a null-ptr-deref in iotctxexitcb Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at addr 0000000000000138 by task file1/1955 CPU: 1 PID: 1955 Comm:...
DEBIAN-CVE-2024-43870
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...
CVE-2024-43870
In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via taskwork. However failures while adding an event's callback to the taskwork engi...
CVE-2024-43870
CVE-2024-43870 : In the Linux kernel perf subsystem, a window exists during task_exit where pending sigtrap deliveries may be queued but not added to the event’s task_work due to a failure when adding the event’s callback to task_work. This creates a small window in which the event refcount can b...
CVE-2021-47577
In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker taskwork We check IOWQBITEXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where...
SUSE CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...
CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...
DEBIAN-CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...
CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...
CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...
UBUNTU-CVE-2021-47504
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure taskwork gets run as part of cancelations If we successfully cancel a work item but that work item needs to be processed through taskwork, then we can be sleeping uninterruptibly in iouringcancelgeneric and never...