Page 173 of 2672 results (0.007 seconds)

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this list, the rate of extraction may not match the rate of incoming packets, leading to potential list overflow. To address this, we introduce a limit to the size of the list. After considering typical scenarios, such as OpenSM processing, which can handle approximately 100k packets per second, and the 1-second retry timeout for most packets, we set the list size limit to 200k. Packets received beyond this limit are dropped, assuming they are likely timed out by the time they are handled by user-space. Notably, packets queued on the receive list due to reasons like timed-out sends are preserved even when the list is full. • https://git.kernel.org/stable/c/1288cf1cceb0e6df276e182f5412370fb4169bcb https://git.kernel.org/stable/c/b4913702419d064ec4c4bbf7270643c95cc89a1b https://git.kernel.org/stable/c/62349fbf86b5e13b02721bdadf98c29afd1e7b5f https://git.kernel.org/stable/c/d73cb8862e4d6760ccc94d3b57b9ef6271400607 https://git.kernel.org/stable/c/63d202d948bb6d3a28cd8e8b96b160fa53e18baa https://git.kernel.org/stable/c/b8c5f635997f49c625178d1a0cb32a80ed33abe6 https://git.kernel.org/stable/c/a6627fba793cc75b7365d9504a0095fb2902dda4 https://git.kernel.org/stable/c/ca0b44e20a6f3032224599f02e7c8fb49 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data Verify that lvts_data is not NULL before using it. • https://git.kernel.org/stable/c/79ef1a5593fdb8aa4dbccf6085c48f1739338bc9 https://git.kernel.org/stable/c/fd7ae1cabfedd727be5bee774c87acbc7b10b886 https://git.kernel.org/stable/c/a1191a77351e25ddf091bb1a231cae12ee598b5d •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created only when vport metadata match and prio tag are enabled. But active-backup lag mode also uses it. It is independent of vport metadata match and prio tag. And vport metadata match can be disabled using the following devlink command: # devlink dev param set pci/0000:08:00.0 name esw_port_metadata \ value false cmode runtime If ingress acl is not created, will hit panic when creating drop rule for active-backup lag mode. • https://git.kernel.org/stable/c/1749c4c51c16e3e078faae0a876d01bafb187a74 https://git.kernel.org/stable/c/bc3ff8d3c05044de57865ebbb78cca8f7da3e595 https://git.kernel.org/stable/c/3e3551f8702978cd2221d2614ca6d6727e785324 https://git.kernel.org/stable/c/83bc1a129f7fd0d7d05036ceb7ee69102624e320 https://git.kernel.org/stable/c/b20c2fb45470d0c7a603613c9cfa5d45720e17f2 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: riscv: kexec: Avoid deadlock in kexec crash path If the kexec crash code is called in the interrupt context, the machine_kexec_mask_interrupts() function will trigger a deadlock while trying to acquire the irqdesc spinlock and then deactivate irqchip in irq_set_irqchip_state() function. Unlike arm64, riscv only requires irq_eoi handler to complete EOI and keeping irq_set_irqchip_state() will only leave this possible deadlock without any use. So we simply remove it. • https://git.kernel.org/stable/c/12f237200c169a8667cf9dca7a40df8d7917b9fd https://git.kernel.org/stable/c/b17d19a5314a37f7197afd1a0200affd21a7227d https://git.kernel.org/stable/c/7594956fec8902dfc18150bf1dca0940cd4ad025 https://git.kernel.org/stable/c/bb80a7911218bbab2a69b5db7d2545643ab0073d https://git.kernel.org/stable/c/653deee48a4682ea17a05b96fb6842795ab5943c https://git.kernel.org/stable/c/7692c9b6baacdee378435f58f19baf0eb69e4155 https://git.kernel.org/stable/c/484dd545271d02d1571e1c6b62ea7df9dbe5e692 https://git.kernel.org/stable/c/c562ba719df570c986caf0941fea24491 •

CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper extts handling Extts events are disabled and enabled by the application ts2phc. However, in case where the driver is removed when the application is running, a specific extts event remains enabled and can cause a kernel crash. As a side effect, when the driver is reloaded and application is started again, remaining extts event for the channel from a previous run will keep firing and the message "extts on unexpected channel" might be printed to the user. To avoid that, extts events shall be disabled when PTP is released. • https://git.kernel.org/stable/c/172db5f91d5f7b91670c68a7547798b0b5374158 https://git.kernel.org/stable/c/9f69b31ae9e25dec27ad31fbc64dd99af16ee3d3 https://git.kernel.org/stable/c/00d3b4f54582d4e4a02cda5886bb336eeab268cc https://access.redhat.com/security/cve/CVE-2024-42139 https://bugzilla.redhat.com/show_bug.cgi?id=2301504 • CWE-476: NULL Pointer Dereference •