1059 matches found
kernel: usb: dwc3: Wait unconditionally after issuing EndXfer command
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command Currently all controller IP/revisions except DWC3usb3 = 310a wait 1ms unconditionally for ENDXFER completion when IOC is not set. This is because DWCusb3 controller...
kernel: net: hns3: fix kernel crash problem in concurrent scenario
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash. To fix...
kernel: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape
In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. However, for dm-raid, in...
kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...
PT-2025-40700
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-00428-g9de1f9c8ca51 Description The Linux kernel contained a flaw where pr info was called with the rtp-cbs gbl lock spin lock locked. This could lead to a BUG like invalid wait context, as pr info calls...
CVE-2024-49959
...
SUSE CVE-2024-50212
In the Linux kernel, the following vulnerability has been resolved: lib: alloctagmoduleunload must wait for pending kfreercu calls Ben Greear reports following splat: ------------ cut here ------------ net/netfilter/nfnatcore.c:1114 module nfnat func:nfnatregisterfn has 256 allocated at module...
SUSE CVE-2024-50249
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Make rmwlock a rawspinlock The following BUG was triggered: ============================= BUG: Invalid wait context 6.12.0-rc2-XXX 406 Not tainted ----------------------------- kworker/1:1/62 is trying to lock:...
UBUNTU-CVE-2024-50249
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Make rmwlock a rawspinlock The following BUG was triggered: ============================= BUG: Invalid wait context 6.12.0-rc2-XXX 406 Not tainted ----------------------------- kworker/1:1/62 is trying to lock:...
CVE-2024-50249
Mode C: Concrete details found. The CVE-2024-50249 issue in the Linux kernel arises from a lock-ordering problem in the CPPC/ACPI code: sugov_update_shared acquires a raw_spinlock while cpc_write holds a regular spinlock on cpc_ptr->rmw_lock, potentially causing a deadlock. The remediation is ...
CVE-2024-50249 ACPI: CPPC: Make rmw_lock a raw_spin_lock
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Make rmwlock a rawspinlock The following BUG was triggered: ============================= BUG: Invalid wait context 6.12.0-rc2-XXX 406 Not tainted ----------------------------- kworker/1:1/62 is trying to lock:...
SUSE CVE-2024-50183
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DAID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a kfreercu call-wait problem when alloctagmoduleunload exists...
DEBIAN-CVE-2024-50183
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DAID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
AZL-54074 CVE-2024-50183 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DAID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
UBUNTU-CVE-2024-50183
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DAID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
CVE-2024-50183 scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DAID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforeha...
SUSE CVE-2024-50098
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Set SDEVOFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEVQUIESCE was set for all LU's scsidevices by UFS shutdown, and at that time the audio...
SUSE CVE-2024-50079
In the Linux kernel, the following vulnerability has been resolved: iouring/sqpoll: ensure task state is TASKRUNNING when running taskwork When the sqpoll is exiting and cancels pending work items, it may need to run taskwork. If this happens from within iouringcancelgeneric, then it may be under...
AZL-51954 CVE-2024-50082 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...