Page 247 of 3020 results (0.011 seconds)

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: qibfs: fix dentry leak simple_recursive_removal() drops the pinning references to all positives in subtree. For the cases when its argument has been kept alive by the pinning alone that's exactly the right thing to do, but here the argument comes from dcache lookup, that needs to be balanced by explicit dput(). Fucked-up-by: Al Viro <viro@zeniv.linux.org.uk> En el kernel de Linux, se resolvió la siguiente vulnerabilidad: qibfs: arreglar la fuga de dentry simple_recursive_removal() elimina las referencias de fijación a todos los positivos en el subárbol. Para los casos en los que su argumento se ha mantenido vivo solo mediante la fijación, eso es exactamente lo correcto, pero aquí el argumento proviene de la búsqueda de dcache, que debe equilibrarse con dput() explícito. Jodido por: Al Viro • https://git.kernel.org/stable/c/e41d237818598c0b17458b4d0416b091a7959e55 https://git.kernel.org/stable/c/24dd9b08df718f20ccf2dd1519909fefd8c233ee https://git.kernel.org/stable/c/bd8f78c71defbcb7a9ed331e7f287507df972b00 https://git.kernel.org/stable/c/db71ca93259dd1078bcfea3afafde2143cfc2da7 https://git.kernel.org/stable/c/02ee394a5d899d9bd2f0759382e9481cab6166f8 https://git.kernel.org/stable/c/aa23317d0268b309bb3f0801ddd0d61813ff5afb •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtm_phonet_notify() skb allocation fill_route() stores three components in the skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Therefore, rtm_phonet_notify() should use NLMSG_ALIGN(sizeof(struct rtmsg)) + nla_total_size(1) + nla_total_size(4) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phonet: corrige la asignación de skb de rtm_phonet_notify() fill_route() almacena tres componentes en el skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Por lo tanto, rtm_phonet_notify() debería usar NLMSG_ALIGN(tamañode(struct rtmsg)) + nla_total_size(1) + nla_total_size(4) • https://git.kernel.org/stable/c/f062f41d06575744b9eaf725eef8a5d3b5f5b7ca https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7 https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4 https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00 https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung on boot up. Unfortunately, the most I ever got out was: [ 93.607888] Testing event system initcall: OK [ 93.667730] Running tests on all trace events: [ 93.669757] Testing all events: OK [ 95.631064] ------------[ cut here ]------------ Timed out after 60 seconds" and further debugging points to a possible circular locking dependency between the console_owner locking and the worker pool locking. Reverting the commit allows Steve's VM to boot to completion again. [ This may obviously result in the "[TTM] Buffer eviction failed" messages again, which was the reason for that original revert. But at this point this seems preferable to a non-booting system... ] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Vuelva a aplicar "drm/qxl: simplificar qxl_fence_wait" Esto revierte el commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt informa: "Fui a ejecutar mis pruebas en mis máquinas virtuales y las pruebas se colgaron al arrancar. Desafortunadamente, lo máximo que obtuve fue: [ 93.607888] Probando evento de initcall del sistema: OK [ 93.667730] Ejecutando pruebas en todos los eventos de seguimiento : [93.669757] Probando todos los eventos: OK [95.631064] ------------[ cortar aquí ]------------ Se agotó el tiempo de espera después de 60 segundos" y más puntos de depuración a una posible dependencia de bloqueo circular entre el bloqueo del propietario de la consola y el bloqueo del grupo de trabajadores. Revertir el commit permite que la máquina virtual de Steve se inicie nuevamente. • https://git.kernel.org/stable/c/4a89ac4b0921c4ea21eb1b4cf3a469a91bacfcea https://git.kernel.org/stable/c/b548c53bc3ab83dc6fc86c8e840f013b2032267a https://git.kernel.org/stable/c/148ed8b4d64f94ab079c8f0d88c3f444db97ba97 https://git.kernel.org/stable/c/3dfe35d8683daf9ba69278643efbabe40000bbf6 https://git.kernel.org/stable/c/3628e0383dd349f02f882e612ab6184e4bb3dc10 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to free the firmware buffer before returning on errors. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: qca: corregir ruta de error de verificación de firmware Una confirmación reciente corrigió el código que analiza los archivos de firmware antes de descargarlos al controlador, pero introdujo una pérdida de memoria en caso de que las comprobaciones de cordura alguna vez fallaran. Asegúrese de liberar el búfer de firmware antes de regresar con errores. • https://git.kernel.org/stable/c/580bcd6bf24f9975f97d81d5ef1b64cca9240df9 https://git.kernel.org/stable/c/064688d70c33bb5b49dde6e972b9379a8b045d8a https://git.kernel.org/stable/c/7bcba557d5c37cd09ecd5abbe7d50deb86c36d3f https://git.kernel.org/stable/c/d1f768214320852766a60a815a0be8f14fba0cc3 https://git.kernel.org/stable/c/40d442f969fb1e871da6fca73d3f8aef1f888558 •

CVSS: 5.7EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: nl80211: no liberar la regla de fusión NULL Si el análisis falla, podemos desreferenciar un puntero NULL aquí. • https://git.kernel.org/stable/c/be29b99a9b51b0338eea3c66a58de53bbd01de24 https://git.kernel.org/stable/c/327382dc0f16b268950b96e0052595efd80f7b0a https://git.kernel.org/stable/c/97792d0611ae2e6fe3ccefb0a94a1d802317c457 https://git.kernel.org/stable/c/5a730a161ac2290d46d49be76b2b1aee8d2eb307 https://git.kernel.org/stable/c/ad12c74e953b68ad85c78adc6408ed8435c64af4 https://git.kernel.org/stable/c/b0db4caa10f2e4e811cf88744fbf0d074b67ec1f https://git.kernel.org/stable/c/244822c09b4f9aedfb5977f03c0deeb39da8ec7d https://git.kernel.org/stable/c/f92772a642485394db5c9a17bd0ee73fc • CWE-476: NULL Pointer Dereference •