UBUNTU-CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...

CVE-2022-49371 driver core: fix deadlock in __device_attach

In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in deviceattach In deviceattach function, The lock holding logic is as follows: ... deviceattach devicelockdev // get lock dev asyncscheduledevdeviceattachasynchelper, dev; // func asyncschedulenode...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list mlx5wqllpop. For SHAMPO, it is possible to receive CQEs with 0 consumed strides fo...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the error path in multi-packet WQE transmit. Removed the erroneous unmap if no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This may fail, for...

CVE-2021-35562

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

CVE-2020-14862

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

CVE-2020-2818

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

DEBIAN-CVE-2024-57936

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix max SGEs for the Work Request Gen P7 supports up to 13 SGEs for now. WQE software structure can hold only 6 now. Since the max send sge is reported as 13, the stack can give requests up to 13 SGEs. This is causin...

UBUNTU-CVE-2024-57936

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix max SGEs for the Work Request Gen P7 supports up to 13 SGEs for now. WQE software structure can hold only 6 now. Since the max send sge is reported as 13, the stack can give requests up to 13 SGEs. This is causin...

DEBIAN-CVE-2024-57888

In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQMEMRECLAIM work from !WQMEMRECLAIM worker After commit 746ae46c1113 "drm/sched: Mark scheduler work queues with WQMEMRECLAIM" amdgpu started seeing the following warning: workqueue:...

PT-2025-36300

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel NULL pointer dereference issue was resolved in the drm/amdkfd subsystem. The problem occurred when the KFD debugfs was destroyed before the KFD work queue, leading to a crash wh...

AZL-68550 CVE-2024-56709 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring: check if iowq is killed before queuing task work can be executed after the task has gone through iouring termination, whether it's the final taskwork run or the fallback path. In this case, task work will find -iowq bein...

SUSE CVE-2024-53176

In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process cifskillsb calling closeallcacheddirs can race with various cached directory operations, which ultimately results in dentries not being...

SUSE CVE-2024-53229

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error. Or else the following will appear. 920.617269 WARNING: CPU: 1 PID: 21 at...

UBUNTU-CVE-2024-53229

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error. Or else the following will appear. 920.617269 WARNING: CPU: 1 PID: 21 at...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from the media:mtk-jpeg module where the work queue is not destroyed during uninstallation of the module...

CVE-2024-53160 rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu

In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...

PT-2025-3613

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns a false positive warning in the Linux kernel when cancelling WQ MEM RECLAIM work from a !WQ MEM RECLAIM worker. This warning occurs after a specific commit and is...

PT-2025-3661 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the RDMA/bnxt re component in the Linux kernel, where the maximum number of SGEs Scatter-Gather Elements for a Work Request is not properly handled. Specifically, Ge...