Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-26983)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26983 advisory. - In the Linux kernel, the following vulnerability has been resolved: bootconfig: use memblockfreelate...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26983)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26983 advisory. - In the Linux kernel, the following vulnerability has been resolved: bootconfig: use memblockfreelate...

CVE-2021-47334

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasminitone In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice, and assigned to...

CVE-2021-47334

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasminitone In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice, and assigned to...

CVE-2021-47334 misc/libmasm/module: Fix two use after free in ibmasm_init_one

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasminitone In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice, and assigned to...

CVE-2021-47334 misc/libmasm/module: Fix two use after free in ibmasm_init_one

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasminitone In ibmasminitone, it calls ibmasminitremoteinputdev. Inside ibmasminitremoteinputdev, mousedev and keybddev are allocated by inputallocatedevice, and assigned to...

CVE-2024-26983

CVE-2024-26983 is a Linux kernel issue about freeing xbc memory in bootconfig. The root cause was memblock_free() being used during xbc_exit() when memory may have already been handed to the buddy allocator, causing use-after-free (UAF) on certain architectures (e.g., CONFIG_ARCH_KEEP_MEMBLOCK di...

CVE-2024-26654

A vulnerability was found in the ALSA sh driver of Linux Kernel, when the sndpcmsubstream closes and deallocates aicachannel, which can still be accessed by the spudmawork scheduled by dreamcastcard-timer and deltimer returns directly, allowing the worker thread to be rescheduled during timer...

CVE-2024-26654

Summary (CVE-2024-26654) : In the Linux kernel, the ALSA: sh: aica path could dereference a freed aica_channel due to a race between mod_timer/del_timer during PCM close, causing a use-after-free (UAF). Connected advisories confirm affected kernel families include Astra Linux advisories for Linux...

CVE-2024-26654 ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachannel wi...

CVE-2024-26654

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachannel wi...

GSD-2022-1001944 ax25: Fix UAF bugs in ax25 timers

ax25: Fix UAF bugs in ax25 timers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.112 by commit 5c62d3bf14100a88d30888b925fcb61a8c11c012...

GSD-2022-1001639 ax25: Fix UAF bugs in ax25 timers

ax25: Fix UAF bugs in ax25 timers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.35 by commit 85f25bb9a0051198af48ac2f3afc9f16f2277114. F...

GSD-2022-1000956 ax25: Fix UAF bugs in ax25 timers

ax25: Fix UAF bugs in ax25 timers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit 76ff66bb3b22f202c226ddbb0a811f8fb8aab2fa. Fo...