AZL-54608 CVE-2024-53090 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afswakeupasynccall can incur lock recursion. The problem is that it is called from AFRXRPC whilst holding the -notifylock, but it tries to take a ref on the afscall struct in order to pass it to a work que...

UBUNTU-CVE-2024-53090

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afswakeupasynccall can incur lock recursion. The problem is that it is called from AFRXRPC whilst holding the -notifylock, but it tries to take a ref on the afscall struct in order to pass it to a work que...

CVE-2024-53090 afs: Fix lock recursion

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afswakeupasynccall can incur lock recursion. The problem is that it is called from AFRXRPC whilst holding the -notifylock, but it tries to take a ref on the afscall struct in order to pass it to a work que...

SUSE CVE-2024-53064

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-53054

In the Linux kernel, the following vulnerability has been resolved: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hungtask problem shown below was found: INFO: task kworker/0:0:8 blocked for more than 327 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...

CVE-2024-53054

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2024-53064

In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset i...

CVE-2024-53054

CVE-2024-53054 is documented in connected sources as a Linux kernel issue affecting the cgroup/bpf destruction path. The root cause described is a contention/deadlock risk from cgroup_bpf_release workers, due to mutexes and locks acquired across tasks, which could lead to a hung task scenario. Af...

CVE-2024-53054

...

PT-2024-35520 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A deadlock issue in the Linux kernel has been identified, which can be triggered by deleting a large number of cpuset cgroups and setting cpu on and off repeatedly. This issue is cause...

kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

kernel: net: stmmac: fix possible memory leak in stmmac_dvr_probe()

A memory leak vulnerability was found in the stmmac network driver in the Linux kernel. When createsinglethreadworkqueue fails during probe, the previously allocated bitmap priv-afxdpzcqps is not freed. This can lead to memory resource exhaustion if the error condition is repeatedly triggered...

kernel: Bluetooth: hci_core: cancel all works upon hci_unregister_dev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: cancel all works upon hciunregisterdev syzbot is reporting that calling hcireleasedev from hcierrorreset due to hcidevput from hcierrorreset can cause deadlock at destroyworkqueue, for hcierrorreset is called...

kernel: usb: cdc-wdm: close race between read and workqueue

No description is available for this CVE...

kernel: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue The Linux kernel CVE team has assigned CVE-2024-35991 to this issue. Upstream advisory:...

kernel: nouveau: offload fence uevents work to workqueue

In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. This offloads the processing off the work from the irq into a workqueue...

kernel: nvme-fc: do not wait in vain when unloading module

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...

kernel: ACPI: EC: Fix oops when removing custom query handlers

A flaw was found in the Linux kernel's ACPI Embedded Controller EC subsystem. When removing custom query handlers, a kernel oops can occur if the handler is still being executed in the EC query workqueue while the module containing the callback function is being unloaded. The fix ensures the...

kernel: net/mlx5: Always drain health in shutdown callback

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callba...

Unbreakable Enterprise kernel security update

5.4.17-2136.337.5 - net/mlx5: disable the 'fast unload' feature on Exadata systems Qing Huang Orabug: 37093177 5.4.17-2136.337.4 - ocfs2: reserve space for inline xattr before attaching reflink tree Gautham Ananthakrishna Orabug: 37199020 - Revert 'ocfs2: ocfs2 crash due to invalid hnextleafblk...