15 matches found
CVE-2024-50019 kthread: unpark only parked kthread
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...
CVE-2024-50019
In CVE-2024-50019 the IBM bulletin documents a Linux kernel issue where kthread unparked-per-CPU threads could be woken up during stop. Root cause: calling kthread_unpark unconditionally before ensuring the thread is inactive can cause a wakeup on a per-CPU kthread that has been bound via kthread...
CVE-2024-45017 net/mlx5: Fix IPsec RoCE MPV trace call
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec RoCE MPV trace call Prevent the call trace below from happening, by not allowing IPsec creation over a slave, if master device doesn't support IPsec. WARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240...
CVE-2022-48924
CVE-2022-48924 relates to the Linux kernel, describing a memory-leak in the int340x thermal driver during int3400_notify() on Tiger Lake, leading to unreferenced objects and potential memory pressure. The provided documents consistently show the root cause as a leak in the int3400_notify path and...
CVE-2023-52903 io_uring: lock overflowing for IOPOLL
In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734 iocqringeventoverflow+0x1c0/0x230 iouring/iouring.c:734 CPU: 0 PID: 28 Comm:...
CVE-2022-48746
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...
CVE-2021-47497 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...
CVE-2023-52842
In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtiotransportrecvpkt KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in virtiotransportrecvpkt+0x1dfb/0x26...
CVE-2023-52782
The CVE-2023-52782 entry pertains to the Linux kernel net/mlx5e driver: it fixes a race in tracking xmit metadata for PTP WQ where the skb may not be present in the mapping when the metadata index is tracked, risking a null pointer dereference. The fix ensures skb is in metadata mapping before tr...
CVE-2024-36007
CVE-2024-36007 involves a Linux kernel flaw in the Mellanox mlxsw spectrum ACL TCAM rehash machinery. The issue stemmed from markers (chunk/entry) used to resume a delayed rehash when credits run out. On error, only the chunk marker was reset, leaving entry markers relative to the chunk, which co...
CVE-2024-35870
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver The UAF bug is due to smb2reconnectserver accessing a session that is already being teared down by another thread that is executing cifsputsmbses. This can happen when a the client has...
CVE-2024-26958 nfs: fix UAF in direct writes
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...
CVE-2024-26958 nfs: fix UAF in direct writes
In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28...
CVE-2024-26890
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access The problem is detected by KASAN. btrtl driver uses private hci data to store 'struct btrealtekdata'. If btrtl driver is used with btusb, then memory for private hci data is...
CVE-2021-47065
In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...