CLSA-2024-1729518811 Fix of 15 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-38632 - vfio/pci: fix potential memory leak in vfiointxenable CVE-url: https://ubuntu.com/security/CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete CVE-url: https://ubuntu.com/security/CVE-2024-44954 - ALSA: line6: Fix rac...

AZL-50818 CVE-2024-47696 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...

AZL-50949 CVE-2024-47696 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...

UBUNTU-CVE-2024-47696

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...

CVE-2024-47696

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:atkernel/workqueue.c:checkflushdependency In the commit aee2424246f9 "RDMA/iwcm: Fix a use-after-free related to destroying CM IDs", the function flushworkqueue is invoked to flush the work queue iwcmwq. Bu...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing check for the return value of allocorderedworkqueue in the drm/omapdrm subsystem...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a dependency checking issue in the RDMA/iwcm component during a flushworkqueue call...

firmware: qcom: scm: Mark get_wq_ctx() as atomic call

...

CVE-2024-46839

REJECTED CVE A performance issue in the Linux Kernel's workqueue subsystem can cause hard lockups on high-CPU systems during operations like CPU hotplugging. The issue arises from contention when multiple CPUs update the global wqwatchdogtouched variable, leading to degraded performance and locku...

CVE-2024-46839

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-46839

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AZL-49968 CVE-2024-46803 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbgevfile In interrupt context, write dbgevfile will be run by work queue. It will cause write dbgevfile execution after debugtrapdisable, which will cause NULL pointer access. v2:...

CVE-2024-46839

...

CVE-2024-46839

CVE-2024-46839 is rejected/not used; this CVE entry does not represent an active vulnerability.

CVE-2024-46839

...

PT-2024-32238 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A problem in the Linux kernel's workqueue watchdog touch has been fixed, which previously caused hard lockups on large systems, such as a powerpc system with around 2000 CPUs. The issu...

kernel: nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

kernel: nvmet-fc: avoid deadlock on delete association path

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmetwq nested. Avoid this by deadlock by deferring the put work into its own work item...

kernel: null-ptr-deref in alloc_workqueue

A NULL pointer dereference flaw was found in allocworkqueue in the Linux Kernel. Check the allocworkqueue return value in radeoncrtcinit to avoid null-ptr-deref...

kernel: nvmet-fc: avoid deadlock on delete association path

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmetwq nested. Avoid this by deadlock by deferring the put work into its own work item...