126 matches found
CVE-2024-35952 drm/ast: Fix soft lockup
In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup There is a while-loop in astdpsetonoff that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BM...
UBUNTU-CVE-2024-26959
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...
CVE-2024-26959 Bluetooth: btnxpuart: Fix btnxpuart_close
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...
CVE-2024-26959 Bluetooth: btnxpuart: Fix btnxpuart_close
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...
CVE-2024-26959
CVE-2024-26959 affects the Linux kernel Bluetooth subsystem (btnxpuart). The issue is a scheduling while atomic BUG in btnxpuart_close that could leave the transmit queue unpurged and skb release unsafe. The fixed path is in btnxpuart_close, with related call chain through tty/serdev/uart during ...
CVE-2024-26959 Bluetooth: btnxpuart: Fix btnxpuart_close
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...
DEBIAN-CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
UBUNTU-CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653 ice: Don't double unplug aux on peer initiated reset
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653 ice: Don't double unplug aux on peer initiated reset
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2022-48653 ice: Don't double unplug aux on peer initiated reset
In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This function is also called in the...
CVE-2024-26780 af_unix: Fix task hung while purging oob_skb in GC.
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in listforeachentrysafe for OOB skb. 0 syzbot demonstrated that the listforeachentrysafe was not actually...
The while loop used in all the accrueXXXPositionTimeWeightedLiquidity function could make a call reach the block gas limit
Lines of code Vulnerability details Proof of Concept If a user neither modifies his position nor claims rewards for a very long time, it might become impossible for him to do any action involving the internal functions accrueAmbientPositionTimeWeightedLiquidity or...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current ntp Multiple Vulnerabilities (SSA:2023-153-02)
The version of ntp installed on the remote host is prior to 4.2.8p16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-153-02 advisory. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able ...
CVE-2023-26551
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...
SUSE CVE-2021-29591
TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be...
kernel: scsi: qla2xxx: Fix scheduling while atomic
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...