Page 162 of 2718 results (0.018 seconds)

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the controller driver. spi_maybe_unoptimize_message() is already called in the correct place in spi_finalize_current_message() to balance the call to spi_maybe_optimize_message() in spi_async(). • https://git.kernel.org/stable/c/7b1d87af14d9ae902ed0c5dc5fabf4eea5abdf02 https://git.kernel.org/stable/c/8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2 https://git.kernel.org/stable/c/c86a918b1bdba78fb155184f8d88dfba1e63335d •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ma35d1: Add a NULL check for of_node The pdev->dev.of_node can be NULL if the "serial" node is absent. Add a NULL check to return an error in such cases. • https://git.kernel.org/stable/c/930cbf92db0184e327293d5e7089be0b08d46371 https://git.kernel.org/stable/c/23efa74cfe6eb923abb5b9bc51b2a04879013c67 https://git.kernel.org/stable/c/0e0e15ab2d3a094a38525d23c03d78ec7d14a40e https://git.kernel.org/stable/c/acd09ac253b5de8fd79fc61a482ee19154914c7a •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned access to 0x55f4688c in wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: unaligned access to 0x55f46884 in wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc) Avoid such unaligned memory accesses by instead using the get_unaligned_be64() helper macro. [Jason: replace src[8] in original patch with src+8] • https://git.kernel.org/stable/c/e7096c131e5161fa3b8e52a650d7719d2857adfd https://git.kernel.org/stable/c/ae630de24efb123d7199a43256396d7758f4cb75 https://git.kernel.org/stable/c/b4764f0ad3d68de8a0b847c05f427afb86dd54e6 https://git.kernel.org/stable/c/217978a29c6ceca76d3c640bf94bdf50c268d801 https://git.kernel.org/stable/c/6638a203abad35fa636d59ac47bdbc4bc100fd74 https://git.kernel.org/stable/c/2fb34bf76431e831f9863cd59adc0bd1f67b0fbf https://git.kernel.org/stable/c/948f991c62a4018fb81d85804eeab3029c6209f8 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket When using a BPF program on kernel_connect(), the call can return -EPERM. This causes xs_tcp_setup_socket() to loop forever, filling up the syslog and causing the kernel to potentially freeze up. Neil suggested: This will propagate -EPERM up into other layers which might not be ready to handle it. It might be safer to map EPERM to an error we would be more likely to expect from the network system - such as ECONNREFUSED or ENETDOWN. ECONNREFUSED as error seems reasonable. For programs setting a different error can be out of reach (see handling in 4fbac77d2d09) in particular on kernels which do not have f10d05966196 ("bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean"), thus given that it is better to simply remap for consistent behavior. UDP does handle EPERM in xs_udp_send_request(). • https://git.kernel.org/stable/c/4fbac77d2d092b475dda9eea66da674369665427 https://git.kernel.org/stable/c/bc790261218952635f846aaf90bcc0974f6f62c6 https://git.kernel.org/stable/c/934247ea65bc5eca8bdb7f8c0ddc15cef992a5d6 https://git.kernel.org/stable/c/02ee1976edb21a96ce8e3fd4ef563f14cc16d041 https://git.kernel.org/stable/c/5d8254e012996cee1a0f9cc920531cb7e4d9a011 https://git.kernel.org/stable/c/f2431e7db0fe0daccb2f06bb0d23740affcd2fa6 https://git.kernel.org/stable/c/d6c686c01c5f12ff8f7264e0ddf71df6cb0d4414 https://git.kernel.org/stable/c/f388cfd913a2b96c05339a335f365795d • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task" This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. b0defa7ae03ec changed the load balancing logic to ignore env.max_loop if all tasks examined to that point were pinned. The goal of the patch was to make it more likely to be able to detach a task buried in a long list of pinned tasks. However, this has the unfortunate side effect of creating an O(n) iteration in detach_tasks(), as we now must fully iterate every task on a cpu if all or most are pinned. Since this load balance code is done with rq lock held, and often in softirq context, it is very easy to trigger hard lockups. We observed such hard lockups with a user who affined O(10k) threads to a single cpu. When I discussed this with Vincent he initially suggested that we keep the limit on the number of tasks to detach, but increase the number of tasks we can search. • https://git.kernel.org/stable/c/b0defa7ae03ecf91b8bfd10ede430cff12fcbd06 https://git.kernel.org/stable/c/d467194018dd536fe6c65a2fd3aedfcdb1424903 https://git.kernel.org/stable/c/1e116c18e32b035a2d1bd460800072c8bf96bc44 https://git.kernel.org/stable/c/0fa6dcbfa2e2b97c1e6febbea561badf0931a38b https://git.kernel.org/stable/c/2feab2492deb2f14f9675dd6388e9e2bf669c27a •