1534 matches found
CVE-2022-49559
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...
DEBIAN-CVE-2022-49293
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...
DEBIAN-CVE-2022-49236
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
UBUNTU-CVE-2022-49335
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace driver. MESALOADERDRIVEROVERRIDE=v3d glxinfo 172536.665184 BUG: kernel...
UBUNTU-CVE-2022-49293
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...
CVE-2022-49164
In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a "powerpc/tm: Fix userspace r13 corruption" fixes a problem in treclaim where a SLB miss can occur on the threadstruct-ckptregs while SCRATCH0 is live with the save...
UBUNTU-CVE-2022-49122
In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
CVE-2022-49559
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...
CVE-2022-49559 KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...
CVE-2022-49559
CVE-2022-49559 (Linux kernel, KVM/x86) is resolved. The issue involved dropping WARNs that incorrectly assumed KVM cannot let a triple fault (KVM_REQ_TRIPLE_FAULT) escape from L2 to L1. The vulnerability could be triggered when userspace injects a machine check while L2 is active with CR4.MCE=0, ...
CVE-2022-49264 exec: Force single empty string when argv is empty
In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...
CVE-2022-49164 powerpc/tm: Fix more userspace r13 corruption
In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a "powerpc/tm: Fix userspace r13 corruption" fixes a problem in treclaim where a SLB miss can occur on the threadstruct-ckptregs while SCRATCH0 is live with the save...
CVE-2022-49164
CVE-2022-49164 describes a Linux kernel vulnerability on PowerPC with TM (transaction memory) that could corrupt the user r13 register due to a SLB miss during treclaim/trechkpt handling. The issue occurs when SCRATCH0 is live with the saved user r13 value, which can be clobbered by the kernel r1...
CVE-2022-49164 powerpc/tm: Fix more userspace r13 corruption
In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a "powerpc/tm: Fix userspace r13 corruption" fixes a problem in treclaim where a SLB miss can occur on the threadstruct-ckptregs while SCRATCH0 is live with the save...
USN-7289-3 linux-ibm vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace...
CVE-2024-21455
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...
CVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace...
PT-2025-2716 · Qualcomm · Snapdragon +108
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. This issue arises due to the sequence of these...
CVE-2025-21672
In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...