PT-2024-33724

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0+ Description: The issue is related to an off-by-one error in the alloc flex gd function in the ext4 filesystem. This error can cause the flex gd-resize bg to be bigger than flexbg size when adjusting resi...

UBUNTU-CVE-2024-46829

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rtmutex::waitlock before scheduling rtmutexhandledeadlock is called with rtmutex::waitlock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless...

kernel: wifi: iwlwifi: read txq->read_ptr under lock

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...

CVE-2024-46735 ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()

In the Linux kernel, the following vulnerability has been resolved: ublkdrv: fix NULL pointer dereference in ublkctrlstartrecovery When two UBLKCMDSTARTUSERRECOVERY commands are submitted, the first one sets 'ubq-ubqdaemon' to NULL, and the second one triggers WARN in ublkqueuereinit and...

kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...

SUSE CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

AZL-49341 CVE-2024-46681 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

AZL-49328 CVE-2024-46681 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

UBUNTU-CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

CVE-2024-46681 pktgen: use cpus_read_lock() in pg_net_init()

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

OESA-2024-2076 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop throug...

DEBIAN-CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

AZL-49140 CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

UBUNTU-CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

AZL-48617 CVE-2024-43914 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUGON while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUGON can be triggerred by the test:...

DEBIAN-CVE-2024-43914

In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUGON while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUGON can be triggerred by the test:...

UBUNTU-CVE-2024-43914

In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUGON while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUGON can be triggerred by the test:...

OESA-2024-2028 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop throug...

SUSE CVE-2022-48902

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not WARNON if we have PageError set Whenever we do any extent buffer operations we call assertebpageuptodate to complain loudly if we're operating on an non-uptodate page. Our overnight tests caught this warning earlier...

CVE-2024-43876

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar: Demote WARN to devwarnratelimited in rcarpciewakeup Avoid large backtrace, it is sufficient to warn the user that there has been a link problem. Either the link has failed and the system is in need of maintenance, or t...