CVE-2024-26696

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfslookupdirtydatabuffers Syzbot reported a hang issue in migratepagesbatch called by mbind and nilfslookupdirtydatabuffers called in the log writer of nilfs2. While migratepagesbatch locks a folio and waits...

kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory...

AZL-58798 CVE-2024-26671 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blkmqmarktagwait, addwaitqueue may be re-ordered with the following blkmqgetdrivertag in case of getting driver tag failure. Then in sbitmapqueuewakeup, waitqueueactive may not...

DEBIAN-CVE-2024-26671

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blkmqmarktagwait, addwaitqueue may be re-ordered with the following blkmqgetdrivertag in case of getting driver tag failure. Then in sbitmapqueuewakeup, waitqueueactive may not...

UBUNTU-CVE-2024-26657

In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr-deref in init entity The bug can be triggered by sending an amdgpucswaitioctl to the AMDGPU DRM driver on any ASICs with valid context. The bug was reported by Joonkyo Jung . For example the following code...

PT-2024-26767 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null pointer dereference in the aio complete function. Specifically, list del init careful needs to be the last access to the wait queue entry, as it...

CLSA-2024-1709840060 Update of nss

Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - Certificate "Symantec Class 2 Public Primary Certification Authority - G6" -...

SUSE CVE-2021-47069

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

DEBIAN-CVE-2023-52528

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in smsc75xxreadreg syzbot reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in smsc75xxwaitready...

DEBIAN-CVE-2021-47069

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...

kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory...

SUSE CVE-2024-26606

In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In epoll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD without a read buffer...

DEBIAN-CVE-2021-46936

In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the fact that although this code is executed while holding a waitlock, the reader can acquire a lock without holding a waitlock...

UBUNTU-CVE-2023-52456

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TXEN pin. When the TTY port is closed in the middle of a...

UBUNTU-CVE-2024-26584

In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTOTFMREQMAYBACKLOG flag on our requests to the crypto API, cryptoaeadencrypt,decrypt can return -EBUSY instead of -EINPROGRESS in valid situations. For...

kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

A use-after-free flaw was found in the Linux kernel's AMD GPU driver which may allow access to members of a synchronization structure after the structure is freed. This issue could allow a local user to crash the system or to access confidential system memory...

kernel: sctp: check send stream number after wait_for_sndbuf

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...

In the Linux kernel before 6.4.12 amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.

...

UBUNTU-CVE-2023-51042

In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a fence use-after-free...