241 matches found
CVE-2024-42272 sched: act_ct: take care of padding in struct zones_ht_key
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
CVE-2024-42272
In the Linux kernel, the following vulnerability has been resolved: sched: actct: take care of padding in struct zoneshtkey Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zoneshtkey got a struct net pointer. Make sure rhashtablelookup is not using the padding bytes whic...
SUSE-SU-2024:2894-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe bsc1220952. - CVE-2021-47103: net: sock: preserve kabi for sock bsc1221010. - CVE-2021-47186: tipc:...
Unbreakable Enterprise kernel security update
4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...
kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...
kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106 inet_diag: Initialize pad field in struct inet_diag_req_v2
In the Linux kernel, the following vulnerability has been resolved: inetdiag: Initialize pad field in struct inetdiagreqv2 KMSAN reported uninit-value access in rawlookup 1. Diag for raw sockets uses the pad field in struct inetdiagreqv2 for the underlying protocol. This field corresponds to the...
CVE-2024-42106
CVE-2024-42106 : In the Linux kernel, the inet_diag path for raw sockets could read an uninitialized pad field in inet_diag_req_v2 when converting inet_diag_req to v2, leading to uninitialized reads in raw_lookup(). The root cause is that inet_diag_get_exact_compat() and inet_diag_dump_compat() d...
CVE-2024-41059
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...
CVE-2024-41059 hfsplus: fix uninit-value in copy_name
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value in copyname syzbot reported BUG: KMSAN: uninit-value in sizedstrscpy+0xc4/0x160 sizedstrscpy+0xc4/0x160 copyname+0x2af/0x320 fs/hfsplus/xattr.c:411 hfspluslistxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750...
CVE-2024-41059
CVE-2024-41059 (Linux kernel) : A KMSAN-uninitialized value occurred in hfsplus when copying names during extended attributes operations (copy_name in fs/hfsplus/xattr.c). The issue traces to uninitialized memory used during sized_strscpy, leading to a potential information leak or instability wi...
CLSA-2024-1721659158 Fix of 66 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...
CVE-2024-39301
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...
CVE-2024-39301 net/9p: fix uninit-value in p9_client_rpc()
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...
CVE-2024-39301 net/9p: fix uninit-value in p9_client_rpc()
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres include/trace/events/9p.h:146 inline BUG: KMSAN: uninit-value in...