Page 375 of 2827 results (0.008 seconds)

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_range argument. Unfortunately, pnfs_mark_matching_lsegs_return() doesn't check if we have a value here before dereferencing it, causing an oops. I'm able to hit this crash consistently when running connectathon basic tests on NFS v4.1/v4.2 against Ontap. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFSv4: corrige una desreferencia de puntero NULL en pnfs_mark_matching_lsegs_return(). Confirme los cambios de144ff4234f _pnfs_return_layout() para llamar a pnfs_mark_matching_lsegs_return() pasando NULL como argumento de estructura pnfs_layout_range. Desafortunadamente, pnfs_mark_matching_lsegs_return() no verifica si tenemos un valor aquí antes de eliminar la referencia a él, lo que provoca un error. • https://git.kernel.org/stable/c/80e34f4957ec3010c85f9bb0b568a8d46acdf535 https://git.kernel.org/stable/c/7b7b9774643220e53eef58c15bb29bd4182fe053 https://git.kernel.org/stable/c/9ffa7967f9379a0a1b924e9ffeda709d72237da7 https://git.kernel.org/stable/c/6be0e4b59314e4a836495f6ffdc5d2c5b079deeb https://git.kernel.org/stable/c/2fafe7d5047f98791afd9a1d90d2afb70debc590 https://git.kernel.org/stable/c/7e65ea887d0c0997f3053acd91a027af45e71c5b https://git.kernel.org/stable/c/96260bde1ea8ae31a5402fe506abbb8951d5a42c https://git.kernel.org/stable/c/4e1ba532dbc1a0e19fc2458d74ab8d986 • CWE-476: NULL Pointer Dereference •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iommu/vt-d: corrige la fuga de sysfs en alloc_iommu() iommu_device_sysfs_add() se llama antes, por lo que debe limpiarse en caso de errores posteriores. • https://git.kernel.org/stable/c/39ab9555c24110671f8dc671311a26e5c985b592 https://git.kernel.org/stable/c/22da9f4978381a99f1abaeaf6c9b83be6ab5ddd8 https://git.kernel.org/stable/c/2ec5e9bb6b0560c90d315559c28a99723c80b996 https://git.kernel.org/stable/c/044bbe8b92ab4e542de7f6c93c88ea65cccd8e29 https://git.kernel.org/stable/c/f01134321d04f47c718bb41b799bcdeda27873d2 https://git.kernel.org/stable/c/ca466561eef36d1ec657673e3944eb6340bddb5b https://git.kernel.org/stable/c/0ee74d5a48635c848c20f152d0d488bf84641304 •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: add missing discipline function Fix crash with illegal operation exception in dasd_device_tasklet. Commit b72949328869 ("s390/dasd: Prepare for additional path event handling") renamed the verify_path function for ECKD but not for FBA and DIAG. This leads to a panic when the path verification function is called for a FBA or DIAG device. Fix by defining a wrapper function for dasd_generic_verify_path(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: s390/dasd: agregar función de disciplina faltante. Se corrigió falla con excepción de operación ilegal en dasd_device_tasklet. El commit b72949328869 ("s390/dasd: Prepárese para el manejo de eventos de ruta adicional") cambió el nombre de la función verificar_ruta para ECKD pero no para Logística de Amazon y DIAG. Esto provoca pánico cuando se llama a la función de verificación de ruta para un dispositivo FBA o DIAG. • https://git.kernel.org/stable/c/8bc5a76268fb334236296b4c185b8337e0d85473 https://git.kernel.org/stable/c/72aebdac390bf0dc04c0385d2db7ee522f4ffa3c https://git.kernel.org/stable/c/b72949328869dfd45f6452c2410647afd7db5f1a https://git.kernel.org/stable/c/6a16810068e70959bc1df686424aa35ce05578f1 https://git.kernel.org/stable/c/aa8579bc084673c651204f7cd0d6308a47dffc16 https://git.kernel.org/stable/c/a16be88a3d7e5efcb59a15edea87a8bd369630c6 https://git.kernel.org/stable/c/c0c8a8397fa8a74d04915f4d3d28cb4a5d401427 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) hex dump (first 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................ backtrace: [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline] [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline] [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582 [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline] [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline] [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline] [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292 [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/uss720: corrige la pérdida de memoria en uss720_probe uss720_probe olvida disminuir el recuento de usbdev en uss720_probe. Solucione este problema disminuyendo el recuento de usbdev por usb_put_dev. ERROR: pérdida de memoria, objeto sin referencia 0xffff888101113800 (tamaño 2048): comunicación "kworker/0:1", pid 7, jiffies 4294956777 (edad 28,870 s) volcado hexadecimal (primeros 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1.......... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................. ... seguimiento: [] kmalloc include/linux/slab.h:554 [en línea] [] kzalloc include/linux/slab.h:684 [en línea] [] usb_alloc_dev+0x32/ 0x450 controladores/usb/core/usb.c:582 [] hub_port_connect drivers/usb/core/hub.c:5129 [en línea] [] hub_port_connect_change drivers/usb/core/hub.c:5363 [ en línea] [] port_event drivers/usb/core/hub.c:5509 [en línea] [] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [] Process_one_work+ 0x2c9/0x600 kernel/workqueue.c:2275 [] trabajador_thread+0x59/0x5d0 kernel/workqueue.c:2421 [] kthread+0x178/0x1b0 kernel/kthread.c:292 [ ] ret_from_fork +0x1f/0x30 arco/x86/entrada/entrada_64.S:294 • https://git.kernel.org/stable/c/0f36163d3abefbda1b21a330b3fdf3c2dc076d94 https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391 https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42 https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364 https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88 https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55 https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as part of a fix to ensure we didn't rely on the ordering of child nodes. So we need to support arbitrary ordering but they all need to be there somewhere. Note I hit this when using qemu to test the rest of this series. Arguably this isn't the best fix, but it is probably the most minimal option for backporting etc. Alexandru's sign-off is here because he carried this patch in a larger set that Jonathan then applied. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: iio: adc: ad7124: Se corrige posible desbordamiento por números de canales no secuenciales. La numeración de canales debe comenzar en 0 y luego no tener huecos, o es posible que se desborde el almacenamiento disponible. • https://git.kernel.org/stable/c/5408cbc6337300d6f1a87c797273c535ed96305a https://git.kernel.org/stable/c/d7857e4ee1ba69732b16c73b2f2dde83ecd78ee4 https://git.kernel.org/stable/c/f49149964d2423fb618fb6b755bb1eaa431cca2c https://git.kernel.org/stable/c/f70122825076117787b91e7f219e21c09f11a5b9 https://git.kernel.org/stable/c/26da8040eccc6c6b0e415e9a3baf72fd39eb2fdc https://git.kernel.org/stable/c/f2a772c51206b0c3f262e4f6a3812c89a650191b • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •