CVE-2024-47743

In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in findasymmetrickey In findasymmetrickey, if all NULLs are passed in the id0,1,2 arguments, the kernel will first emit WARN but then have an oops because id2 gets dereferenced anyway. Add t...

DEBIAN-CVE-2024-47734

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

CVE-2024-47743 KEYS: prevent NULL pointer dereference in find_asymmetric_key()

In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in findasymmetrickey In findasymmetrickey, if all NULLs are passed in the id0,1,2 arguments, the kernel will first emit WARN but then have an oops because id2 gets dereferenced anyway. Add t...

CVE-2024-47693 IB/core: Fix ib_cache_setup_one error flow cleanup

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ibcachesetupone error flow cleanup When ibcacheupdate return an error, we exit ibcachesetupone instantly with no proper cleanup, even though before this we had already successfully done gidtablesetupone, that results...

Malicious code in plugin-warn-if-update-available (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9773 Malicious code in plugin-warn-if-update-available (npm)

--- -= Per source details. Do not edit below this line.=-...

PT-2024-33724

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0+ Description: The issue is related to an off-by-one error in the alloc flex gd function in the ext4 filesystem. This error can cause the flex gd-resize bg to be bigger than flexbg size when adjusting resi...

UBUNTU-CVE-2024-46829

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rtmutex::waitlock before scheduling rtmutexhandledeadlock is called with rtmutex::waitlock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless...

kernel: wifi: iwlwifi: read txq->read_ptr under lock

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq-readptr under lock If we read txq-readptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice,...

CVE-2024-46735 ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()

In the Linux kernel, the following vulnerability has been resolved: ublkdrv: fix NULL pointer dereference in ublkctrlstartrecovery When two UBLKCMDSTARTUSERRECOVERY commands are submitted, the first one sets 'ubq-ubqdaemon' to NULL, and the second one triggers WARN in ublkqueuereinit and...

kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray

In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...

SUSE CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

AZL-49328 CVE-2024-46681 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

AZL-49341 CVE-2024-46681 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

UBUNTU-CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

CVE-2024-46681 pktgen: use cpus_read_lock() in pg_net_init()

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

OESA-2024-2076 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop throug...

DEBIAN-CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

AZL-49140 CVE-2024-44940 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...

UBUNTU-CVE-2024-44940

In the Linux kernel, the following vulnerability has been resolved: fou: remove warn in guegroreceive on unsupported protocol Drop the WARNONONCE inn guegroreceive if the encapsulated type is not known or does not have a GRO handler. Such a packet is easily constructed. Syzbot generates them and...