CVE-2024-50032

...

CVE-2024-49960

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

AZL-51763 CVE-2024-49960 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

DEBIAN-CVE-2024-49960

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

DEBIAN-CVE-2024-49927

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

AZL-52944 CVE-2024-49927 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

AZL-53343 CVE-2024-49866 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

DEBIAN-CVE-2024-49866

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

UBUNTU-CVE-2024-49866

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

UBUNTU-CVE-2024-49927

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

UBUNTU-CVE-2024-49960

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

CVE-2024-49960 ext4: fix timer use-after-free on failed mount

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

CVE-2024-49960 ext4: fix timer use-after-free on failed mount

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

CVE-2024-49960 ext4: fix timer use-after-free on failed mount

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

CVE-2024-49960

CVE-2024-49960 concerns ext4 on the Linux kernel. The issue is a timer use-after-free during failed mounts: the s_err_report timer can remain active while sbi is freed, because ext4_handle_error re-arms the timer before kfree(sbi). The root cause is not canceling the s_err_report timer after ext4...

CVE-2024-49866 tracing/timerlat: Fix a race during cpuhp processing

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

CVE-2024-49866

CVE-2024-49866 : Linux kernel race in timerlat cpuhp processing can lead to timer corruption when timerlat/1 migration occurs during thread creation. Root cause: CPU online/offline timing mismatch with asynchronous osnoise workers can schedule a thread onto an offline CPU. Fix implemented: skip o...

SUSE CVE-2024-47747

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3probe function, a timer is initialized with a callback function ether3ledoff, bound to &prevdev-timer. Once the timer is started, the...

AZL-50689 CVE-2024-47747 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3probe function, a timer is initialized with a callback function ether3ledoff, bound to &prevdev-timer. Once the timer is started, the...

AZL-50679 CVE-2024-47747 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3probe function, a timer is initialized with a callback function ether3ledoff, bound to &prevdev-timer. Once the timer is started, the...