Page 216 of 2770 results (0.022 seconds)

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: RDMA: Verify port when creating flow rule Validate port value provided by the user and with that remove no longer needed validation by the driver. The missing check in the mlx5_ib driver could cause to the below oops. Call trace: _create_flow_rule+0x2d4/0xf28 [mlx5_ib] mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib] ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs] ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs] ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs] ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs] do_vfs_ioctl+0xd0/0xaf0 ksys_ioctl+0x84/0xb4 __arm64_sys_ioctl+0x28/0xc4 el0_svc_common.constprop.3+0xa4/0x254 el0_svc_handler+0x84/0xa0 el0_svc+0x10/0x26c Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a) En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: RDMA: Verificar puerto al crear regla de flujo. Validar valor de puerto proporcionado por el usuario y con ello eliminar la validación que ya no necesita el controlador. La verificación que falta en el controlador mlx5_ib podría provocar los siguientes errores. Seguimiento de llamadas: _create_flow_rule+0x2d4/0xf28 [mlx5_ib] mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib] ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x1 50 [ib_uverbs] ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs] ib_uverbs_ioctl+0x158 /0x1d0 [ib_uverbs] do_vfs_ioctl+0xd0/0xaf0 ksys_ioctl+0x84/0xb4 __arm64_sys_ioctl+0x28/0xc4 el0_svc_common.constprop.3+0xa4/0x254 el0_svc_handler+0x84/0xa0 0x10/0x26c Código: b9401260 f9615681 51000400 8b001c20 (f9403c1a) • https://git.kernel.org/stable/c/436f2ad05a0b65b1467ddf51bc68171c381bf844 https://git.kernel.org/stable/c/8dc1b0e0ca204596c50bcd159ee069ae0f998176 https://git.kernel.org/stable/c/2adcb4c5a52a2623cd2b43efa7041e74d19f3a5e •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfs_get_client() None of the callers are expecting NULL returns from nfs_get_client() so this code will lead to an Oops. It's better to return an error pointer. I expect that this is dead code so hopefully no one is affected. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFS: corrija una posible desreferencia NULL en nfs_get_client() Ninguna de las personas que llaman espera retornos NULL de nfs_get_client(), por lo que este código generará un error ¡Oops! Es mejor devolver un puntero de error. • https://git.kernel.org/stable/c/31434f496abb9f3410b10f541462fe58613dd3ad https://git.kernel.org/stable/c/fab8bfdfb4aac9e4e8363666333adfdf21e89106 https://git.kernel.org/stable/c/a979e601000982a3ca693171a6d4dffc47f8ad00 https://git.kernel.org/stable/c/634f17ff1d59905eb3b4bbbc00805961d08beaee https://git.kernel.org/stable/c/4b380a7d84ef2ce3f4f5bec5d8706ed937ac6502 https://git.kernel.org/stable/c/0057ecef9f324007c0ba5fcca4ddd131178ce78b https://git.kernel.org/stable/c/279ad78a00f8b9c5ff24171a59297187a3bd44b7 https://git.kernel.org/stable/c/58ddf61f10b8f9b7b1341644bfee2f1c6 •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsi_host_alloc() After device is initialized via device_initialize(), or its name is set via dev_set_name(), the device has to be freed via put_device(). Otherwise device name will be leaked because it is allocated dynamically in dev_set_name(). Fix the leak by replacing kfree() with put_device(). Since scsi_host_dev_release() properly handles IDA and kthread removal, remove special-casing these from the error handling as well. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: core: corrige el manejo de errores de scsi_host_alloc(). Después de que el dispositivo se inicializa mediante device_initialize(), o su nombre se establece mediante dev_set_name(), el dispositivo debe liberarse mediante put_device (). • https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66 https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8 https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11 https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7 https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006 •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error lógico que podría resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de dirección dado. • https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185 https://git.kernel.org/stable/c/c6998ccfefa652bac3f9b236821e392af43efa1e https://git.kernel.org/stable/c/5f728ec65485625e30f46e5b4917ff023ad29ea0 https://git.kernel.org/stable/c/d0f47648b87b6d5f204cb7f3cbce6d36dab85a67 https://git.kernel.org/stable/c/c7836de2cadd88bc2f20f2c5a3d4ef4c73aef627 https://git.kernel.org/stable/c/fdd51e34f45311ab6e48d2147cbc2904731b9993 https://git.kernel.org/stable/c/9fdd04918a452980631ecc499317881c1d120b70 https://access.redhat.com/security/cve/CVE-2021-47257 • CWE-476: NULL Pointer Dereference •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: make sure wait for page writeback in memory_failure Our syzkaller trigger the "BUG_ON(!list_empty(&inode->i_wb_list))" in clear_inode: kernel BUG at fs/inode.c:519! Internal error: Oops - BUG: 0 [#1] SMP Modules linked in: Process syz-executor.0 (pid: 249, stack limit = 0x00000000a12409d7) CPU: 1 PID: 249 Comm: syz-executor.0 Not tainted 4.19.95 Hardware name: linux,dummy-virt (DT) pstate: 80000005 (Nzcv daif -PAN -UAO) pc : clear_inode+0x280/0x2a8 lr : clear_inode+0x280/0x2a8 Call trace: clear_inode+0x280/0x2a8 ext4_clear_inode+0x38/0xe8 ext4_free_inode+0x130/0xc68 ext4_evict_inode+0xb20/0xcb8 evict+0x1a8/0x3c0 iput+0x344/0x460 do_unlinkat+0x260/0x410 __arm64_sys_unlinkat+0x6c/0xc0 el0_svc_common+0xdc/0x3b0 el0_svc_handler+0xf8/0x160 el0_svc+0x10/0x218 Kernel panic - not syncing: Fatal exception A crash dump of this problem show that someone called __munlock_pagevec to clear page LRU without lock_page: do_mmap -> mmap_region -> do_munmap -> munlock_vma_pages_range -> __munlock_pagevec. As a result memory_failure will call identify_page_state without wait_on_page_writeback. And after truncate_error_page clear the mapping of this page. end_page_writeback won't call sb_clear_inode_writeback to clear inode->i_wb_list. • https://git.kernel.org/stable/c/0bc1f8b0682caa39f45ce1e0228ebf43acb46111 https://git.kernel.org/stable/c/d05267fd27a5c4f54e06daefa3035995d765ca0c https://git.kernel.org/stable/c/6d210d547adc2218ef8b5bcf23518c5f2f1fd872 https://git.kernel.org/stable/c/566345aaabac853aa866f53a219c4b02a6beb527 https://git.kernel.org/stable/c/9e379da727a7a031be9b877cde7b9c34a0fb8306 https://git.kernel.org/stable/c/28788dc5c70597395b6b451dae4549bbaa8e2c56 https://git.kernel.org/stable/c/e8675d291ac007e1c636870db880f837a9ea112a •