kernel: Linux kernel: Denial of Service in mt7921e driver during module unload

A flaw was discovered in the mt76/mt7921e Wi-Fi driver in the Linux kernel where improper handling of driver data during module removal can lead to a crash. Under certain insmod/rmmod stress test conditions, the driver’s mt7921pciremove function is called while the associated mt76dev driver priva...

kernel: scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq storvscerrorwq workqueue should not be marked as WQMEMRECLAIM as it doesn't need to make forward progress under memory pressure. Marking this workqueue as WQMEMRECLAIM may...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

kernel: Linux kernel: Denial of Service in mt7921e driver during module unload

A flaw was discovered in the mt76/mt7921e Wi-Fi driver in the Linux kernel where improper handling of driver data during module removal can lead to a crash. Under certain insmod/rmmod stress test conditions, the driver’s mt7921pciremove function is called while the associated mt76dev driver priva...

kernel: Bluetooth: When HCI work queue is drained, only queue chained work

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...

kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpusmask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

kernel: xfrm: Reinject transport-mode packets through workqueue

In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...

kernel: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works

n the Linux kernel’s Bluetooth subsystem there is a flaw in the way Bluetooth HCI work items are queued. Under certain conditions, work associated with command timeouts hdev-cmd,ncmdtimer could be scheduled on the wrong workqueue while the intended workqueue is being drained. This occurs because...

kernel: HID: nintendo: fix rumble worker null pointer deref

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: fix rumble worker null pointer deref We can dereference a null pointer trying to queue work to a destroyed workqueue. If the device is disconnected, nintendohidremove is called, in which the rumblequeue is destroye...

kernel: RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CPU: 1 PID: 379 Hardware name: QEMU Standard PC i440FX + PIIX, 1996 RIP:...

kernel: NULL pointer dereference in traffic control subsystem

A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...

PT-2025-25912 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.4.0-1086-azure 9118.04.1-Ubuntu Description: The issue is related to the storvsc error wq workqueue in the Linux kernel, which was incorrectly marked as WQ MEM RECLAIM. This marking may cause a deadlock while...

GSD-2023-1002406 ice: Do not use WQ_MEM_RECLAIM flag for workqueue

ice: Do not use WQMEMRECLAIM flag for workqueue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...

GSD-2023-1002389 ice: Do not use WQ_MEM_RECLAIM flag for workqueue

ice: Do not use WQMEMRECLAIM flag for workqueue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.168 by commit...

GSD-2023-1002335 ice: Do not use WQ_MEM_RECLAIM flag for workqueue

ice: Do not use WQMEMRECLAIM flag for workqueue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...

PT-2023-35481 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.232 Description: The issue concerns the use of the WQ MEM RECLAIM flag for workqueue. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2023-35410 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.12 Description: The issue concerns the use of the WQ MEM RECLAIM flag for workqueue. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

SUSE CVE-2019-15924

An issue was discovered in the Linux kernel before 5.0.11. fm10kinitmodule in drivers/net/ethernet/intel/fm10k/fm10kmain.c has a NULL pointer dereference because there is no -ENOMEM upon an allocworkqueue failure...

SUSE CVE-2019-16231

drivers/net/fjes/fjesmain.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference...