1534 matches found
[SECURITY] [DLA 3930-1] libsepol security update
Debian LTS Advisory DLA-3930-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : libsepol Version : 3.1-1+deb11u1 CVE ID : CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 Debian Bug : 990526 Multiple...
CVE-2024-49984
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be...
CVE-2022-48987
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that...
UBUNTU-CVE-2022-48987
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that...
CVE-2022-48987 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that...
CVE-2022-48987
CVE-2022-48987 affects the Linux kernel in media: v4l2-dv-timings.c. The issue was a misapplied blanking sanity check: when userspace supplies only a total blanking value, the total could be assigned to front porch, backporch, or sync fields, causing an overflow check to fail. The fix adds maximu...
CVE-2022-48987 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when userspace passes weird values. But that assumed that...
DEBIAN-CVE-2024-49975
In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...
UBUNTU-CVE-2024-49975
In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma xoladdvma maps the uninitialized page allocated by createxolarea into userspace. On some architectures x86 this memory is readable even without VMREAD, VMEXEC results in the same...
CVE-2024-49984 drm/v3d: Prevent out of bounds access in performance query extensions
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be...
SUSE CVE-2024-47727
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
CVE-2024-47727
A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation. Mitigation Mitigation for this issu...
CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47742
In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple...
CVE-2024-47727
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
DEBIAN-CVE-2024-47719
In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN overflows which corrupts the selected area range during...
CVE-2024-47716
In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal...
CVE-2024-47742
CVE-2024-47742 : Linux kernel firmware_loader path traversal vulnerability. Several code paths construct firmware filenames from device or userspace data (e.g., lpfc_sli4_request_firmware_update, nfp_net_fw_find, module_flash_fw_schedule). The issue arises when dynamic firmware names can include ...
CVE-2024-47727 x86/tdx: Fix "in-kernel MMIO" check
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handlemmio function checks if the VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can...
CVE-2024-47727
CVE-2024-47727 is a Linux kernel issue (x86/tdx) where userspace could trick the kernel into performing MMIO via #VE by pointing a syscall at an MMIO address. The root cause was the in-kernel MMIO check in handle_mmio() not guaranteeing the target MMIO address was within the kernel before decodin...