1536 matches found
UBUNTU-CVE-2022-48976
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
UBUNTU-CVE-2022-49027
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavfinitmodule The iavfinitmodule won't destroy workqueue when pciregisterdriver failed. Call destroyworkqueue when pciregisterdriver failed to prevent the resource leak. Similar to the handling of...
CVE-2022-49028 ixgbevf: Fix resource leak in ixgbevf_init_module()
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevfinitmodule ixgbevfinitmodule won't destroy the workqueue created by createsinglethreadworkqueue when pciregisterdriver failed. Add destroyworkqueue in fail path to prevent the resource leak...
CVE-2022-49003 nvme: fix SRCU protection of nvme_ns_head list
In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvmenshead list Walking the nvmenshead siblings list is protected by the head's srcu in nvmensheadsubmitbio but not nvmempathrevalidatepaths. Removing namespaces from the list also fails to synchroniz...
CVE-2022-48980
CVE-2022-48980: In the Linux kernel, a bound-check bug in sja1105_init_l2_policing() can cause an out-of-bounds write to the L2 policing table when handling multicast policers on SJA1105. The code computes the multicast policer index as 99 + SRCPORT and compares it to max_entry_count, but for por...
CVE-2022-48976 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
CVE-2022-48976
The CVE-2022-48976 case concerns Linux kernel netfilter flowtable_offload. A preemptible path used __this_cpu_add in flow_offload_queue_work(), which could trigger a BUG when called from a workqueue without bh disabled. The fix replaces __this_cpu_add with NF_FLOW_TABLE_STAT_INC_ATOMIC() in flow_...
CVE-2022-48976 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...
CVE-2024-50019 kthread: unpark only parked kthread
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASKPARKED state. However...
DEBIAN-CVE-2024-49956
In the Linux kernel, the following vulnerability has been resolved: gfs2: fix double destroyworkqueue error When gfs2fillsuper fails, destroyworkqueue is called within gfs2glhashclear, and the subsequent code path calls destroyworkqueue on the same work queue again. This issue can be fixed by...
AZL-51270 CVE-2024-49879 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of allocorderedworkqueue...
DEBIAN-CVE-2024-49879
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of allocorderedworkqueue...
AZL-51216 CVE-2024-49879 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of allocorderedworkqueue...
UBUNTU-CVE-2024-49956
In the Linux kernel, the following vulnerability has been resolved: gfs2: fix double destroyworkqueue error When gfs2fillsuper fails, destroyworkqueue is called within gfs2glhashclear, and the subsequent code path calls destroyworkqueue on the same work queue again. This issue can be fixed by...
UBUNTU-CVE-2024-49879
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of allocorderedworkqueue...
CVE-2024-49953 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling xfrmstatedelete twice The km.state is not checked in driver's delayed work. When xfrmstatecheckexpire is called, the state can be reset to XFRMSTATEEXPIRED, even if it is XFRMSTATEDEAD...
CVE-2024-49953 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling xfrmstatedelete twice The km.state is not checked in driver's delayed work. When xfrmstatecheckexpire is called, the state can be reset to XFRMSTATEEXPIRED, even if it is XFRMSTATEDEAD...
CVE-2024-49876 drm/xe: fix UAF around queue destruction
In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver with one or more wor...
CVE-2024-49867 btrfs: wait for fixup workers before stopping cleaner kthread during umount
In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at closectree, we have the following steps in this order: 1 Park the cleaner kthread - this doesn't destroy the kthread, it basically hal...
SUSE CVE-2024-47696
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...