Page 355 of 3839 results (0.019 seconds)

CVSS: -EPSS: 0%CPEs: 10EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guaranteed to see the new null bus. Destroying devices before the bus is nullified could lead to use-after-free since readers expect the devices on their reference of the bus to remain valid. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: Destruye los dispositivos del bus de E/S al cancelar el registro _después_ de sincronizar SRCU Si falla la asignación de una nueva instancia de un bus de E/S al cancelar el registro de un dispositivo, espere para destruir el dispositivo hasta que todos los lectores tengan la garantía de ver el nuevo bus nulo. Destruir dispositivos antes de que se anule el bus podría dar lugar a un uso posterior a la liberación, ya que los lectores esperan que los dispositivos en su referencia del bus sigan siendo válidos. • https://git.kernel.org/stable/c/f65886606c2d3b562716de030706dfe1bea4ed5e https://git.kernel.org/stable/c/f0dfffce3f4ffd5f822568a4a6fb34c010e939d1 https://git.kernel.org/stable/c/840e124f89a5127e7eb97ebf377f4b8ca745c070 https://git.kernel.org/stable/c/40a023f681befd9b2862a3c16fb306a38b359ae5 https://git.kernel.org/stable/c/19184bd06f488af62924ff1747614a8cb284ad63 https://git.kernel.org/stable/c/41b2ea7a6a11e2b1a7f2c29e1675a709a6b2b98d https://git.kernel.org/stable/c/68c125324b5e1d1d22805653735442923d896a1d https://git.kernel.org/stable/c/03c6cccedd3913006744faa252a4da514 •

CVSS: 6.0EPSS: 0%CPEs: 10EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: KVM: Stop looking for coalesced MMIO zones if the bus is destroyed Abort the walk of coalesced MMIO zones if kvm_io_bus_unregister_dev() fails to allocate memory for the new instance of the bus. If it can't instantiate a new bus, unregister_dev() destroys all devices _except_ the target device. But, it doesn't tell the caller that it obliterated the bus and invoked the destructor for all devices that were on the bus. In the coalesced MMIO case, this can result in a deleted list entry dereference due to attempting to continue iterating on coalesced_zones after future entries (in the walk) have been deleted. Opportunistically add curly braces to the for-loop, which encompasses many lines but sneaks by without braces due to the guts being a single if statement. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: deja de buscar zonas MMIO fusionadas si el bus se destruye. • https://git.kernel.org/stable/c/41b2ea7a6a11e2b1a7f2c29e1675a709a6b2b98d https://git.kernel.org/stable/c/f65886606c2d3b562716de030706dfe1bea4ed5e https://git.kernel.org/stable/c/f0dfffce3f4ffd5f822568a4a6fb34c010e939d1 https://git.kernel.org/stable/c/840e124f89a5127e7eb97ebf377f4b8ca745c070 https://git.kernel.org/stable/c/40a023f681befd9b2862a3c16fb306a38b359ae5 https://git.kernel.org/stable/c/19184bd06f488af62924ff1747614a8cb284ad63 https://git.kernel.org/stable/c/68c125324b5e1d1d22805653735442923d896a1d https://git.kernel.org/stable/c/7d1bc32d6477ff96a32695ea4be8144e4 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream commit cffa4b2122f5("regmap:debugfs: Fix a memory leak when calling regmap_attach_dev") that adds a if condition when create name for debugfs_name. With below function invoking logical, debugfs_name is freed in regmap_debugfs_exit(), but it is not created again because of the if condition introduced by above commit. regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init() So, set debugfs_name to NULL after it is freed. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: regmap: establece debugfs_name en NULL después de liberarlo. Hay una confirmación ascendente cffa4b2122f5("regmap:debugfs: corrige una pérdida de memoria al llamar a regmap_attach_dev") que agrega una condición if al crear nombre para debugfs_name. Con la siguiente función que invoca lógica, debugfs_name se libera en regmap_debugfs_exit(), pero no se vuelve a crear debido a la condición if introducida por la confirmación anterior. regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init() Entonces, establezca debugfs_name en NULL después de liberarlo. • https://git.kernel.org/stable/c/5b654b03007917f3f1015b2a5c288c1ea6ae8f65 https://git.kernel.org/stable/c/480c5e9c7e4c76c01d5f1f7b73832d7b77e6b427 https://git.kernel.org/stable/c/c9698380b01aed3281160d3ab25749b57d6913b8 https://git.kernel.org/stable/c/cffa4b2122f5f3e53cf3d529bbc74651f95856d5 https://git.kernel.org/stable/c/2dc1554d5f0fdaf47cc5bea442b84b9226fea867 https://git.kernel.org/stable/c/d8897f7b2283a500666c85ef06e820df38ed7b52 https://git.kernel.org/stable/c/eb949f891226c012138ffd9df90d1e509f428ae6 https://git.kernel.org/stable/c/c764e375ae647832de1ee73d43a4bb3ef •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init ADF_STATUS_PF_RUNNING is (only) used and checked by adf_vf2pf_shutdown() before calling adf_iov_putmsg()->mutex_lock(vf2pf_lock), however the vf2pf_lock is initialized in adf_dev_init(), which can fail and when it fail, the vf2pf_lock is either not initialized or destroyed, a subsequent use of vf2pf_lock will cause issue. To fix this issue, only set this flag if adf_dev_init() returns 0. [ 7.178404] BUG: KASAN: user-memory-access in __mutex_lock.isra.0+0x1ac/0x7c0 [ 7.180345] Call Trace: [ 7.182576] mutex_lock+0xc9/0xd0 [ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat] [ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat] [ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat] [ 7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf] En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: qat - ADF_STATUS_PF_RUNNING debe configurarse después de adf_dev_init ADF_STATUS_PF_RUNNING es (solo) usado y verificado por adf_vf2pf_shutdown() antes de llamar a adf_iov_putmsg()->mutex_lock(vf2pf_lock), sin embargo, vf2pf_lock es inicializado en adf_dev_init(), que puede fallar y cuando falla, vf2pf_lock no se inicializa o se destruye, un uso posterior de vf2pf_lock causará problemas. Para solucionar este problema, establezca este indicador solo si adf_dev_init() devuelve 0. [7.178404] ERROR: KASAN: acceso a memoria de usuario en __mutex_lock.isra.0+0x1ac/0x7c0 [7.180345] Seguimiento de llamadas: [7.182576] mutex_lock+0xc9 /0xd0 [ 7.183257] adf_iov_putmsg+0x118/0x1a0 [intel_qat] [ 7.183541] adf_vf2pf_shutdown+0x4d/0x7b [intel_qat] [ 7.183834] adf_dev_shutdown+0x172/0x2b0 [intel_qat] [7.184127] adf_probe+0x5e9/0x600 [qat_dh895xccvf] • https://git.kernel.org/stable/c/25c6ffb249f612c56a48ce48a3887adf57b8f4bd https://git.kernel.org/stable/c/f4c4e07140687f42bfa40e091bb4a55d7960ce4d https://git.kernel.org/stable/c/446045cf682af12d9294765f6c46084b374b5654 https://git.kernel.org/stable/c/09d16cee6285d37cc76311c29add6d97a7e4acda https://git.kernel.org/stable/c/05ec8192ee4bfdf2a8894a68350dac9f1a155fa6 https://git.kernel.org/stable/c/1f50392650ae794a1aea41c213c6a3e1c824413c https://git.kernel.org/stable/c/20fd40fc6f2c2b41dc6f637f88d494b14e9c21f1 https://git.kernel.org/stable/c/1ea500ce6f7c9106e4a561d28e69215f3 •

CVSS: 3.3EPSS: 0%CPEs: 11EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR flashes with their WP# tied to GND. OTPLOCK is always write-once. MEMSETBADBLOCK modifies the bad block table. En el kernel de Linux se ha solucionado la siguiente vulnerabilidad: mtd: requiere permisos de escritura para bloqueo y badblock ioctls MEMLOCK, MEMUNLOCK y OTPLOCK modifican los bits de protección. • https://git.kernel.org/stable/c/1c9f9125892a43901438bf704ada6b7019e2a884 https://git.kernel.org/stable/c/583d42400532fbd6228b0254d7c732b771e4750d https://git.kernel.org/stable/c/389c74c218d3b182e9cd767e98cee0e0fd0dabaa https://git.kernel.org/stable/c/ab1a602a9cea98aa37b2e6851b168d2a2633a58d https://git.kernel.org/stable/c/9a53e8bd59d9f070505e51d3fd19606a270e6b93 https://git.kernel.org/stable/c/f7e6b19bc76471ba03725fe58e0c218a3d6266c3 https://git.kernel.org/stable/c/36a8b2f49235e63ab3f901fe12e1b6732f075c2e https://git.kernel.org/stable/c/eb3d82abc335624a5e8ecfb75aba0b684 •