CVE-2021-47189 btrfs: fix memory ordering between normal and ordered work functions

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same thread which executed the normal work functions. The only way execution between normal/ordere...

argo-cd: Denial of Service Due to Unsafe Array Modification in Multi-threaded Environment

A flaw was found in Argo CD that may result in a remote denial of service. The expireOldFailedAttempts function modifies an array while it is being iterated over. This issue may cause an application crash when executed in a multi-threaded environment if two threads interact with the same array...

SUSE CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

SUSE CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

SUSE CVE-2024-26710

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines see link. To avoid overflows the stack size was...

PT-2024-26809 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises when the driver attempts to perform a PCI reset on itself via pci reset function in the context of the driver's health thread, while pdsc reset prepare calls pdsc stop...

SUSE CVE-2024-26654

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachannel wi...

CVE-2024-26732

A vulnerability was found in the Linux kernel related to the handling of the SOPEEKOFF socket option, which controls peeking into socket buffers. This option is not thread-safe and may lead to possible race conditions, which could cause system hangs...

CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

AZL-58753 CVE-2024-26756 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

AZL-59481 CVE-2024-26758 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

DEBIAN-CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

DEBIAN-CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

AZL-58801 CVE-2024-26756 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

DEBIAN-CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

AZL-59484 CVE-2024-26758 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

AZL-59487 CVE-2024-26757 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

CVE-2024-26732

In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockoptSOPEEKOFF syzbot reported a lockdep violation 1 involving afunix support of SOPEEKOFF. Since SOPEEKOFF is inherently not thread safe it uses a per-socket skpeekoff field, there is really no point...