CVE-2024-47726 f2fs: fix to wait dio completion

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode...

CVE-2024-47726

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode...

CVE-2024-47726 f2fs: fix to wait dio completion

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with jbd2 stopping waiting for space when handling errors...

kernel: net/mlx5: Add a timeout to acquire the command queue semaphore

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Add a timeout to acquire the command queue semaphore Prevent forced completion handling on an entry that has not yet been assigned an index, causing an out of bounds access on idx = -22. Instead of waiting indefinitely...

AZL-49813 CVE-2024-46829 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rtmutex::waitlock before scheduling rtmutexhandledeadlock is called with rtmutex::waitlock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless...

OESA-2024-2181 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free splat in tcptwskunique with nice analysis. Since commit ec94c2696f0b...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to release waitlock when dealing with deadlocks, resulting in a warning...

kernel: USB: core: Make do_proc_control() and do_proc_bulk() killable

In the Linux kernel, the following vulnerability has been resolved: USB: core: Make doproccontrol and doprocbulk killable The USBDEVFSCONTROL and USBDEVFSBULK ioctls invoke usbstartwaiturb, which contains an uninterruptible wait with a user-specified timeout value. If timeout value is very large...

OESA-2024-2124 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use...

编号撤回

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly wait for memory space when writing mes packets, which could result in a ring buffer...

Vaultwarden 安全漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust by Daniel García Personal Developer. A security vulnerability exists in Vaultwarden version 1.30.3, which originated from allowing an attacker with emergency access privileges to elevate their privileges by...

PT-2024-34016

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A race condition issue has been resolved in the Linux kernel, specifically in the scsi: lpfc component. The problem occurred when deleting an NPIV instance, as it required all fabric...

The vulnerability of the iavf_shutdown() function in the iavf component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the iavfshutdown function in the iavf component of the Linux operating system is related to the addition of a waiting loop at the beginning of iavfremove. This loop is designed to ensure that port initialization is completed before the registration of the network device is...

CVE-2024-44934

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free1 which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens...

CVE-2024-44934

CVE-2024-44934 — Linux kernel net: bridge: mcast: wait for previous gc cycles when removing port . Syzkaller triggered a use-after-free during port removal because old multicast garbage collection cycles may still be running when a port is freed. The fix is to ensure all prior garbage-collection ...

CVE-2024-44934 net: bridge: mcast: wait for previous gc cycles when removing port

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port syzbot hit a use-after-free1 which is caused because the bridge doesn't make sure that all previous garbage has been collected when removing a port. What happens...

CVE-2024-43862

In the Linux kernel, the following vulnerability has been resolved: net: wan: fslqmchdlc: Convert carrierlock spinlock to a mutex The carrierlock spinlock protects the carrier detection. While it is held, framergetstatus is called which in turn takes a mutex. This is not correct and can lead to a...

CVE-2024-43863 drm/vmwgfx: Fix a deadlock in dma buf fence polling

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll-fence wait-fence unref deadlocks...

SUSE CVE-2024-43834

In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of pagepooldestroy If the driver uses a page pool, it creates a page pool with pagepoolcreate. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...