Page 338 of 5942 results (0.011 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of the platform, accompanied by a spectacular logspam. Mark it as keepalive to prevent such cases. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexión: qcom: sc8180x: Mark CO0 BCM keepalive El CO0 BCM debe e... • https://git.kernel.org/stable/c/9c8c6bac1ae86f6902baa938101902fb3a0a100b •

CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, when k_start is not page aligned, at the begin of for loop, k_cur = k_start & PAGE_MASK is less than k_start, and then `va = block + k_cur - k_start` is less than block, the addr va is invalid, because the memory address space from va to block is not alloced by memblock_alloc, which will not be reserved by memblock_reserve later, it will be used by other places. As... • https://git.kernel.org/stable/c/663c0c9496a69f80011205ba3194049bcafd681d • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clk_init_data struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the clk_init_data struct. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iio: adc: ad4130: datos de inicio de reloj con inicialización cero La estructura clk_init_data no tiene todos sus miembros inicializad... • https://git.kernel.org/stable/c/62094060cf3acaf52e277457d807ea753269b89e •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines (see link). To avoid overflows the stack size was doubled for KASAN builds in commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with KASAN"). However with a 32KB stack size to begin with, the doubling leads to a 64KB stack, which causes build errors: ... • https://git.kernel.org/stable/c/9ccf64e763aca088b0d25c1274af42b1a6a45135 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change again before the subflow_state_change callback is invoked. Address the issue additionally copying with all the states directly reachable from TCP_FIN_WAIT1. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: realm... • https://git.kernel.org/stable/c/1e777f39b4d75e599a3aac8e0f67d739474f198c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate resources for skb in hsr_init_skb(). Since a WARN_ONCE() call will not help much in this case, it might be prudent to switch to netdev_warn_once(). At the very least it will suppress syzkaller reports such as [1]. Just in case, use netdev_warn_once() in send_prp_supervision_frame() for similar reasons. [1] HSR: Cou... • https://git.kernel.org/stable/c/121c33b07b3127f501b366bc23d2a590e2f2b8ef •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data corruption if the compiler decides to use a different register than the specified register %r29 (defined in ASM_EXCEPTIONTABLE_REG) for the error code. If the compiler choose another register, the fault handler will nevertheless store -EFAULT into %r29 and thus trash ... • https://git.kernel.org/stable/c/23027309b099ffc4efca5477009a11dccbdae592 •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static (block) TLB entries. For that write access to the static btlb_info struct is needed, but since it is marked __ro_after_init the kernel segfaults with missing write permissions. Fix the crash by dropping the __ro_after_init annotation. En el kernel de Linux, se ha resuel... • https://git.kernel.org/stable/c/e5ef93d02d6c9cc3a14e7348481c9e41a528caa1 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocations when moved_len is not zero. When the loop fails to exit after successfully moving some extents, moved_len is not updated and remains at 0, so it does not discard the preallocations. If the moved extents overlap with the prealloca... • https://git.kernel.org/stable/c/fcf6b1b729bcd23f2b49a84fb33ffbb44712ee6a • CWE-415: Double Free •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Move hrtimer_init to timerlat_fd open() Currently, the timerlat's hrtimer is initialized at the first read of timerlat_fd, and destroyed at close(). It works, but it causes an error if the user program open() and close() the file without reading. Here's an example: # echo NO_OSNOISE_WORKLOAD > /sys/kernel/debug/tracing/osnoise/options # echo timerlat > /sys/kernel/debug/tracing/current_tracer # cat < ./timerlat_load.... • https://git.kernel.org/stable/c/e88ed227f639ebcb31ed4e5b88756b47d904584b •