103 matches found
SUSE CVE-2025-22016
In the Linux kernel, the following vulnerability has been resolved: dpll: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer pin. Fix it by checking i...
SUSE CVE-2025-22017
In the Linux kernel, the following vulnerability has been resolved: devlink: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer rel. Fix it by checkin...
DEBIAN-CVE-2025-22017
In the Linux kernel, the following vulnerability has been resolved: devlink: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer rel. Fix it by checkin...
CVE-2023-52931 drm/i915: Avoid potential vm use-after-free
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid potential vm use-after-free Adding the vm to the vmxa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table...
UBUNTU-CVE-2025-21857
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...
UBUNTU-CVE-2022-49206
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xainsert fails, the objevent is not released. Fix the error unwind flow to free that memory to avoid a memory leak...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: removing an entry instead of using null-ptr-dereference in ocfs2xaremove Syzkaller can trigger null-ptr-dereference in ocfs2xaremove: 57.319872 a.out,1161,7:ocfs2xaremove:2028 ERROR: status = -12 57.320420...
ksmbd: Fix the missing xa_store error check
...
PT-2025-30787
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to RDMA/mlx5, specifically concerning the initialization of obj event-obj sub list before its insertion using xa insert. This can lead ...
CVE-2024-56584
In the Linux kernel, the following vulnerability has been resolved: iouring/tctx: work around xastore allocation error issue syzbot triggered the following WARNON: WARNING: CPU: 0 PID: 16 at iouring/tctx.c:51 iouringfree+0xfa/0x140 iouring/tctx.c:51 which is the WARNONONCE!xaempty&tctx-;xa; sanit...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an incorrect allocation of xastore memory in the iouring/tctx subsystem...
SUSE CVE-2024-53044
In the Linux kernel, the following vulnerability has been resolved: net/sched: schapi: fix xainsert error path in tcfblockgetext This command: $ tc qdisc replace dev eth0 ingressblock 1 egressblock 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block...
UBUNTU-CVE-2024-53077
In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdmadevice's xaarray Dai pointed out that the xainitflags in rpcrdmaaddone needs to have a matching xadestroy in rpcrdmaremoveone to release underlying memory that the xarray might have accrued duri...
AZL-53531 CVE-2024-50284 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing xastore error check xastore can fail, it return xaerr-EINVAL if the entry cannot be stored in an XArray, or xaerr-ENOMEM if memory allocation failed, so check error for xastore to fix it...
DEBIAN-CVE-2024-50174
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race...
SUSE CVE-2024-49865
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...
UBUNTU-CVE-2024-49865
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...
UBUNTU-CVE-2024-49876
In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver with one or more wor...
CVE-2024-43834
In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of pagepooldestroy If the driver uses a page pool, it creates a page pool with pagepoolcreate. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...
CVE-2024-43834
In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of pagepooldestroy If the driver uses a page pool, it creates a page pool with pagepoolcreate. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...