6 matches found
SUSE CVE-2024-50210
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...
CVE-2024-50195
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pcclocksettime As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tvsec and tvnsec range before calling ptp-info-settime64. As the man manual of...
UBUNTU-CVE-2024-50210
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...
CVE-2024-50195 posix-clock: Fix missing timespec64 check in pc_clock_settime()
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pcclocksettime As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tvsec and tvnsec range before calling ptp-info-settime64. As the man manual of...
CVE-2024-50195
The CVE-2024-50195 entry is supported by connected documents showing a Linux kernel fix for posix-clock: missing timespec64 range check in pc_clock_settime(). The root cause was that timespec64_valid() only validates the structure, not the value range, so pc_clock_settime() now performs a strict ...
CVE-2024-50195 posix-clock: Fix missing timespec64 check in pc_clock_settime()
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pcclocksettime As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tvsec and tvnsec range before calling ptp-info-settime64. As the man manual of...