kernel: timer tree corruption leads to missing wakeup and system freeze

A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while runnin...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

kernel: timer tree corruption leads to missing wakeup and system freeze

A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while runnin...

RLSA-2021:4647 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads to missing wakeup and system freeze CVE-2021-20317 For mor...

ALSA-2021:4647 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads to missing wakeup and system freeze CVE-2021-20317 For mor...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads to missing wakeup and system freeze CVE-2021-20317 For mor...

RLSA-2021:4646 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Insufficient validation of user-supplied sizes for the MSGCRYPTO message type CVE-2021-43267 kernel: timer tree corruption leads t...

kernel-rt security and bug fix update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

UVI-2021-1002039 netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value

netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commi...

PT-2021-8180 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free error in the Linux kernel's sched/fair component. This error occurs when the unregister fair sched group function unlinks all cfs rqs from a...

Amazon Linux 2 : kernel (ALAS-2021-1719)

The version of kernel installed on the remote host is prior to 4.14.252-195.481. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1719 advisory. A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the...

PolarSsl 安全特征问题漏洞

PolarSsl Mbed Tls is a portable, easy to use, readable and flexible Ssl library. A security signature issue vulnerability exists in PolarSSL due to the product's use of the HAVEGE algorithm to generate random numbers and the algorithm is based on timing information from the processor's...

[SECURITY] Fedora 34 Update: watchdog-5.16-2.fc34

The watchdog program can be used as a powerful software watchdog daemon or may be alternately used with a hardware watchdog device such as the IPMI hardware watchdog driver interface to a resident Baseboard Management Controller BMC. watchdog periodically writes to /dev/watchdog; the interval...

The vulnerability in the `timer_create` system call handling mechanism of Linux kernels allows a malicious actor to gain access to kernel memory from user space or cause a system crash.

The vulnerability of the timercreate function in Linux kernel-based system calls involves reading memory beyond its permitted limits. Exploiting this vulnerability can allow an attacker to gain access to kernel memory from user space or cause a system failure...

GSD-2021-1001692 net/sched: sch_taprio: properly cancel timer from taprio_destroy()

net/sched: schtaprio: properly cancel timer from tapriodestroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.12 by commit...

UVI-2021-1001692 net/sched: sch_taprio: properly cancel timer from taprio_destroy()

net/sched: schtaprio: properly cancel timer from tapriodestroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.12 by commit...

GSD-2021-1001627 net/sched: sch_taprio: properly cancel timer from taprio_destroy()

net/sched: schtaprio: properly cancel timer from tapriodestroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.73 by commit...

UVI-2021-1001627 net/sched: sch_taprio: properly cancel timer from taprio_destroy()

net/sched: schtaprio: properly cancel timer from tapriodestroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.73 by commit...