Page 233 of 2714 results (0.015 seconds)

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifs_compose_mount_options() The optional @ref parameter might contain an NULL node_name, so prevent dereferencing it in cifs_compose_mount_options(). Addresses-Coverity: 1476408 ("Explicit null dereferenced") En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: evita la eliminación de desreferencias NULL en cifs_compose_mount_options() El parámetro @ref opcional puede contener un nombre de nodo NULL, por lo que se debe evitar eliminar la referencia a él en cifs_compose_mount_options(). Direcciones-Cobertura: 1476408 ("Nulo explícito desreferenciado") • https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759 https://git.kernel.org/stable/c/e58c162789becede894d3e94c0ce6695a2ef5796 https://git.kernel.org/stable/c/ae3d181f4e912f51af7776ea165f199b16fc165d https://git.kernel.org/stable/c/03313d1c3a2f086bb60920607ab79ac8f8578306 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sync_file: Don't leak fences on merge failure Each add_fence() call does a dma_fence_get() on the relevant fence. In the error path, we weren't calling dma_fence_put() so all those fences got leaked. Also, in the krealloc_array failure case, we weren't freeing the fences array. Instead, ensure that i and fences are always zero-initialized and dma_fence_put() all the fences and kfree(fences) on every error path. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-buf/sync_file: no filtrar barreras en caso de falla de fusión. • https://git.kernel.org/stable/c/a02b9dc90d844cc7df7b63264e7920cc425052d9 https://git.kernel.org/stable/c/19f51c2529339280d2c8c6427cd3e21ddf1ac3f8 https://git.kernel.org/stable/c/e0355a0ad31a1d677b2a4514206de4902bd550e8 https://git.kernel.org/stable/c/41f45e91c92c8480242ea448d54e28c753b13902 https://git.kernel.org/stable/c/0d514185ae792d3a1903c8e1a83899aa996705ce https://git.kernel.org/stable/c/19edcd97727aae9362444a859a24d99a8730cb27 https://git.kernel.org/stable/c/ffe000217c5068c5da07ccb1c0f8cce7ad767435 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this can lead to the driver try to free a skb that was already freed. (The crash is harder to reproduce with the igb driver, but the same potential problem exists as the code is identical to igc) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igb: corrige el error de use after free durante el reinicio. Limpia el siguiente descriptor a observar (next_to_watch) al limpiar el anillo TX. De lo contrario, se pueden producir accesos a la memoria no válidos. Si igb_poll() se ejecuta mientras se reinicia el controlador, esto puede hacer que el controlador intente liberar un skb que ya estaba liberado. • https://git.kernel.org/stable/c/7cc6fd4c60f267e17b0baef1580d7a6258c0a6f0 https://git.kernel.org/stable/c/d7367f781e5a9ca5df9082b15b272b55e76931f8 https://git.kernel.org/stable/c/d3ccb18ed5ac3283c7b31ecc685b499e580d5492 https://git.kernel.org/stable/c/88e0720133d42d34851c8721cf5f289a50a8710f https://git.kernel.org/stable/c/f153664d8e70c11d0371341613651e1130e20240 https://git.kernel.org/stable/c/8e24c12f2ff6d32fd9f057382f08e748ec97194c https://git.kernel.org/stable/c/7b292608db23ccbbfbfa50cdb155d01725d7a52e •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we cann't just judge msg->msg_iter.iov->base directlly. We can use nr_segs to judge msg in caif_seqpkt_sendmsg whether has data buffers. ===================================================== BUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x220 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg net/socket.c:672 [inline] ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343 ___sys_sendmsg net/socket.c:2397 [inline] __sys_sendmmsg+0x808/0xc90 net/socket.c:2480 __compat_sys_sendmmsg net/compat.c:656 [inline] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: corrige el valor uninit en caif_seqpkt_sendmsg. Cuando nr_segs es igual a cero en iovec_from_user, el objeto msg->msg_iter.iov es la memoria de pila uninit en caif_seqpkt_sendmsg que está definida en ___sys_sendmsg. Entonces no podemos simplemente juzgar msg->msg_iter.iov->base directamente. • https://git.kernel.org/stable/c/bece7b2398d073d11b2e352405a3ecd3a1e39c60 https://git.kernel.org/stable/c/d9d646acad2c3590e189bb5d5c86ab8bd8a2dfc3 https://git.kernel.org/stable/c/5c6d8e2f7187b8e45a18c27acb7a3885f03ee3db https://git.kernel.org/stable/c/ffe31dd70b70a40cd6b21b78c1713a23e021843a https://git.kernel.org/stable/c/452c3ed7bf63721b07bc2238ed1261bb26027e85 https://git.kernel.org/stable/c/9413c0abb57f70a953b1116318d6aa478013c35d https://git.kernel.org/stable/c/1582a02fecffcee306663035a295e28e1c4aaaff https://git.kernel.org/stable/c/d4c7797ab1517515f0d08b3bc1c6b4888 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: PPC: corrección de fuga de kvm_arch_vcpu_ioctl vcpu_load. No se llama a vcpu_put si falla la copia del usuario. Esto puede provocar daños y bloqueos del notificador preventivo, entre otros problemas. • https://git.kernel.org/stable/c/b3cebfe8c1cadf1817939dcc3688a2504a69c662 https://git.kernel.org/stable/c/9bafc34dc4ad0cef18727c557f21ed3c3304df50 https://git.kernel.org/stable/c/f38527f1890543cdfca8dfd06f75f9887cce6151 https://git.kernel.org/stable/c/e14ef1095387f764d95614d3ec9e4d07c82a3533 https://git.kernel.org/stable/c/a4a488915feaad38345cc01b80d52e8200ff5209 https://git.kernel.org/stable/c/bc4188a2f56e821ea057aca6bf444e138d06c252 •