PT-2024-20912 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: The issue is related to an integer signedness error and resultant buffer overflow in the drivers/wlan/wlan_mgmt.c component. Recommendations: For RT-Thread versions through 5.0.2, update to a...
PT-2024-20920 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: A buffer overflow occurs in the utilities/rt-link/src/rtlink.c file. Recommendations: For RT-Thread versions through 5.0.2, update to a version that contains a fix for this issue. At the moment,...
PT-2024-26748
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue arises from the direct call to md_reap_sync_thread from raid_message without holding the reconfig_mutex. This is unsafe because md_reap_sync_thread can change fields protected ...
PT-2024-26743
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to the dm-raid component in the Linux kernel, where the sync thread is not properly frozen during suspend. This is caused by the removal of the MD_RECOVERY_FROZEN fl...
PT-2024-20368 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions 5.0.2 and earlier Description: A heap buffer overflow occurs in the dfs_v2 romfs filesystem. Recommendations: For RT-Thread versions 5.0.2 and earlier, at the moment, there is no information about a newer version that...
PT-2024-20916 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: A stack buffer overflow occurs in the libc/posix/ipc/mqueue.c file. Recommendations: For RT-Thread versions through 5.0.2, at the moment, there is no information about a newer version that contain...
PT-2024-20913 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions through 5.0.2 Description: The issue is related to a weak random number generation algorithm used in RT-Thread. The algorithm, defined as seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;, is implemented in the calc...
CLSA-2024-1709562163 Fix CVE(s): CVE-2023-50387, CVE-2023-50868
SECURITY UPDATE: KeyTrap denial of service vulnerability - debian/patches/CVE-2023-50387-20230-50868.patch: Fix DNSSEC verification complexity issue by updating verification function signatures. - debian/patches/CVE-2023-50387-fix-1.patch: Allow the original CVE-2023-50387 patch to work if multip...
CVE-2023-52572
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...
AZL-54137 CVE-2023-52572 affecting package kernel for versions less than 5.15.182.1-1
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...
DEBIAN-CVE-2023-52572
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2_is_network_name_deleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...
CVE-2024-26614 tcp: make sure init the accept_queue's spinlocks once
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...
Race condition
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbd_session_lookup | smb2_sess_setup sess = xa_load | | | xa_erase(&conn->sessions, sess->id); | | ksmbd_session_destroy(sess) --> kfree(sess) | // UAF! |...
CVE-2023-52480
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbd_session_lookup | smb2_sess_setup sess = xa_load | | | xa_erase(&conn->sessions, sess->id); | | ksmbd_session_destroy(sess) --> kfree(sess) | // UAF! |...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that arises from a kernel thread using and not releasing the CPU for longer than a specified period of time...
kernel: GSM multiplexing race condition leads to privilege escalation
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...
Design/Logic Flaw
In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU again and uses that to get the...
CVE-2020-36776 thermal/drivers/cpufreq_cooling: Fix slab OOB issue
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreq_cooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpu_power_to_freq. If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between a task that aborts a transaction during a commit, a task that performs fsync, and a...
CVE-2024-26585
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling...