3366 matches found
DEBIAN-CVE-2023-52509
In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravbtxtimeoutwork The ravbstop should call cancelworksync. Otherwise, ravbtxtimeoutwork is possible to use the freed priv after ravbremove was called like below: CPU0 CPU1 ravbtxtimeout ravbremov...
UBUNTU-CVE-2023-52509
In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravbtxtimeoutwork The ravbstop should call cancelworksync. Otherwise, ravbtxtimeoutwork is possible to use the freed priv after ravbremove was called like below: CPU0 CPU1 ravbtxtimeout ravbremov...
UBUNTU-CVE-2023-52513
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...
CVE-2023-52513 RDMA/siw: Fix connection failure handling
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the co...
CVE-2023-52491 media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix use after free bug due to error path handling in mtkjpegdecdevicerun In mtkjpegprobe, &jpeg-jobtimeoutwork is bound with mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if error happens in mtkjpegsetdecdst, it...
SUSE CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
SUSE CVE-2024-22201
Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to st...
UBUNTU-CVE-2021-46952
In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds in xprtcalcmajortimeo. This is caused by a garbage timeout retrans mount option being passed to nfs mount, in this case from syzkaller. I...
CVE-2021-46931
A flaw was found in the Linux kernel, specifically affecting the net/mlx5e module that is the NVIDIA MLX5 common driver. The issue arises from an error in casting the arguments of a transmission reporter function. This mismatch leads to a stack overflow and kernel pani Mitigation There is no know...
DEBIAN-CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
UBUNTU-CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
Stack overflow
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931 net/mlx5e: Wrap the tx reporter dump callback to extract the sq
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931 net/mlx5e: Wrap the tx reporter dump callback to extract the sq
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
CVE-2021-46931
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Wrap the tx reporter dump callback to extract the sq Function mlx5etxreporterdumpsq casts its void argument to struct mlx5etxqsq , but in TX-timeout-recovery flow the argument is actually of type struct mlx5etxtimeoutc...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. The Linux kernel suffers from a security vulnerability that stems from the fact that the function mlx5etxreporterdumpsq converts its void argument to struct mlx5etxqsq , but in the TX-timeout-recover...