DEBIAN-CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

AZL-68111 CVE-2024-39508 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: Use setbit and testbit at worker-flags Utilize setbit and testbit on worker-flags within iouring/io-wq to address potential data races. The structure ioworker-flags may be accessed through various data paths, leadi...

Astra Linux - уязвимость в linux-6.1

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flowerstatstimer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition...

SUSE CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

DEBIAN-CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

UBUNTU-CVE-2022-48758

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the scsi:bnx2fc module not flushing the destroywork queue before calling bnx2fcinterfaceput...

UBUNTU-CVE-2021-47577

In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker taskwork We check IOWQBITEXIT before attempting to create a new worker, and wq exit cancels pending work if we have any. But it's possible to have a race between the two, where...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrect use of the ptp work queue for the second part of the timestamp, which stops when the port is closed...

PT-2024-31337

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.50 Description The issue arises in the net/mlx5e component of the Linux kernel, specifically with the SHAMPO feature. When all strides in a Work Queue Element WQE are consumed, the WQE is unlinked from the Wo...

SUSE CVE-2021-47261

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function initcqfragbuf can be called to initialize the current CQ fragments buffer cq-buf, or the temporary cq-resizebuf that is filled during CQ resize operation. However, the...

kernel: mptcp: fix UaF in listener shutdown

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive socket initialization, the mptcp listener shutdown path is prone to an UaF issue. BUG: KASAN: use-after-free in...

kernel: cxgb4: use-after-free in ch_flower_stats_cb()

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flowerstatstimer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition...

UBUNTU-CVE-2023-52782

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in t...

UBUNTU-CVE-2023-52831

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARNON when rebuilding the...

CVE-2023-52831

CVE-2023-52831 (Linux kernel) : The issue resides in cpu/hotplug logic when CPUs are isolated with isolcpus=. Offline-ing the last non-isolated (housekeeping) CPU can cause a WARN_ON in build_sched_domains and a subsequent panic due to an empty CPU mask in partition_sched_domains_locked(), leadin...

CVE-2023-52831

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARNON when rebuilding the...

SUSE CVE-2024-35968

In the Linux kernel, the following vulnerability has been resolved: pdscore: Fix pdsccheckpcihealth function to use work thread When the driver notices fwstatus == 0xff it tries to perform a PCI reset on itself via pciresetfunction in the context of the driver's health thread. However,...

SUSE CVE-2024-35991

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that originates from a call to INITDELAYEDWORK in cp2112gpioirqstartup in the cp2112 driver, which results in a duplicate...