Spoofing

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to...

CVE-2024-26630 mm: cachestat: fix folio read-after-free in cache walk

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to...

CVE-2024-26630 mm: cachestat: fix folio read-after-free in cache walk

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to...

CVE-2024-26630

In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix folio read-after-free in cache walk In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags. However, we do not hold a reference to...

SUSE CVE-2021-46920

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

DEBIAN-CVE-2021-46920

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

CVE-2021-46920

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

CVE-2021-46920

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

UBUNTU-CVE-2021-46920

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

CVE-2021-46920 dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that...

CLSA-2024-1707478061 kernel: Fix of 11 CVEs

netfilter: nftables: reject QUEUE/DROP verdict parameters CVE-2024-1086 - RDMA/core: Refactor rdmabindaddr CVE-2023-2176 - RDMA/cma: Do not change route.addr.srcaddr outside state checks - RDMA/cma: Ensure rdmaaddrcancel happens before issuing more requests - drm/amdgpu: Fix potential fence...

kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback

A NULL pointer dereference was found in the Linux kernel’s UDF file system functionality in the way the user triggers the udffilewriteiter function for a malicious UDF image. This flaw allows a local user to crash the system...

kernel: writeback: avoid use-after-free after removing device

In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdiunregister gets called to stop further writeback and wait for associated delayed work to complete. However, wbinodewritebackend may schedule bandwid...

kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

PT-2024-7325

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible divide-by-zero error in the wb dirty limits function. This error occurs because the thresh value, which is an unsigned long, is passed as a u32 divis...

Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c

...

AZL-33599 CVE-2024-0562 affecting package kernel for versions less than 5.15.153.1-1

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

DEBIAN-CVE-2024-0562

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

UBUNTU-CVE-2024-0562

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...

CVE-2024-0562 Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c

A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...