CVE-2024-58085

In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyowritecontrol syzbot is reporting too large allocation warning at tomoyowritecontrol, for one can write a very very long line without new line character. To fix this warning, I use GFPNOWARN...

CVE-2024-58085

CVE-2024-58085 relates to the Linux kernel Tomoyo security module, specifically a warning emission in tomoyo_write_control(). The description notes a syzbot report about a “too large allocation” warning when a long single line is written without a newline. The fix changes memory allocation behavi...

CVE-2024-58085

In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyowritecontrol syzbot is reporting too large allocation warning at tomoyowritecontrol, for one can write a very very long line without new line character. To fix this warning, I use GFPNOWARN...

SUSE-SU-2024:3694-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE SLES15 Security Update : kernel RT (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:3631-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3631-1 advisory. This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed...

SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

CVE-2024-26622

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...

CVE-2024-26622 tomoyo: fix UAF write bug in tomoyo_write_control()

In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyowritecontrol Since tomoyowritecontrol updates head-writebuf when write of long lines is requested, we need to fetch head-writebuf after head-iosem is held. Otherwise, concurrent write requests c...

CVE-2024-26622

CVE-2024-26622 affects the Linux kernel’s tomoyo subsystem. The issue is a use-after-free/write-after-free in tomoyo_write_control() when long lines are written. The root cause is that head->write_buf must be fetched after head->io_sem is held; otherwise concurrent write() calls can trigger...