CVE-2024-41045 bpf: Defer work in bpf_timer_cancel_and_free

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...

CVE-2022-48825

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stagwork to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID: 645 at...

CVE-2022-48825 scsi: qedf: Add stag_work to all the vports

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stagwork to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online. stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID: 645 at...

CVE-2024-40916

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortunately some variant...

CVE-2024-40905

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in fib6droppcpufrom syzbot found a race in fib6droppcpufrom 1 If compiler reads more than once ppcpurt, second read could read NULL, if another cpu clears the value in rt6getpcpuroute. Add a READONCE to...

CVE-2024-40959

In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6dstidev return value in xfrm6getsaddr ip6dstidev can return NULL, xfrm6getsaddr must act accordingly. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1...

PT-2024-30730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the handling of CEQEs in the interrupt handler, which can cause the CPU core to stay in interrupt context too long and lead to soft lockup under heavy load. To...

PT-2024-29225

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the bpf timer cancel and free function in the Linux kernel, where two timer callbacks trying to cancel each other can lead to a deadlock situation. This can be...

kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQMEMRECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in checkflushdependency is being triggered. This seems to be...

kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQMEMRECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in checkflushdependency is being triggered. This seems to be...

wifi: wilc1000: do not realloc workqueue everytime an interface is added

...

OESA-2024-1765 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses Currently we have a global spiaddlock which we take when adding new devices so that we can check that...

SUSE CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

UBUNTU-CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

CVE-2024-38634

In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...

SUSE CVE-2021-47590

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...

CVE-2022-48761 usb: xhci-plat: fix crash when suspend if remote wake enable

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 1 PREEMPT SMP Modules linked in: CPU: 2 PID: 244...

DEBIAN-CVE-2021-47590

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...

CVE-2021-47590

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with subflow socket lock held. If such call hits mptcpsockoptsyncall then subsequently mptcpsockoptsync could try to lock the subflow socket for...