Page 378 of 5945 results (0.096 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the returned resource object, whose refcount increased inside, causing a refcount leak. Fix this issue by calling kunit_alloc_resource() instead of kunit_alloc_and_get_resource(). Fixed the following when applying: Shuah Khan <skhan@linuxfoundation.org> CHECK: Alignment should match open parenthesis + kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free); En el kernel de Linux, se resolvió la siguiente vulnerabilidad: kunit: corrige la fuga del recuento de referencias en kfree_at_end El problema del recuento de referencias ocurre en la ruta normal de kfree_at_end(). Cuando se invoca kunit_alloc_and_get_resource(), la función se olvida de manejar el objeto de recurso devuelto, cuyo recuento aumentó en el interior, lo que provoca una fuga de recuento. Solucione este problema llamando a kunit_alloc_resource() en lugar de kunit_alloc_and_get_resource(). Se corrigió lo siguiente al aplicar: Shuah Khan VERIFICAR: La alineación debe coincidir con el paréntesis abierto + kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free); • https://git.kernel.org/stable/c/bbdd158b40b66a9403391a517f24ef6613573446 https://git.kernel.org/stable/c/f62314b1ced25c58b86e044fc951cd6a1ea234cf •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by using __kmem_cache_release() to release all the relevant resources. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm, slub: corrige una posible pérdida de memoria en kmem_cache_open() En la ruta del error, es posible que se haya filtrado el random_seq del caché slub. Solucione este problema usando __kmem_cache_release() para liberar todos los recursos relevantes. • https://git.kernel.org/stable/c/210e7a43fa905bccafa9bb5966fba1d71f33eb8b https://git.kernel.org/stable/c/4f5d1c29cfab5cb0ab885059818751bdef32e2bb https://git.kernel.org/stable/c/568f906340b43120abd6fcc67c37396482f85930 https://git.kernel.org/stable/c/42b81946e3ac9ea0372ba16e05160dc11e02694f https://git.kernel.org/stable/c/9037c57681d25e4dcc442d940d6dbe24dd31f461 https://access.redhat.com/security/cve/CVE-2021-47466 https://bugzilla.redhat.com/show_bug.cgi?id=2282890 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocated a stack frame on the emergency stack, but didn't use the frame to store anything, and also didn't store anything in its caller's frame. idle_kvm_start_guest() on the other hand is written more like a normal C function, it creates a frame on entry, and also stores CR/LR into its callers frame (per the ABI). The problem is that there is no caller frame on the emergency stack. The emergency stack for a given CPU is allocated with: paca_ptrs[i]->emergency_sp = alloc_stack(limit, i) + THREAD_SIZE; So emergency_sp actually points to the first address above the emergency stack allocation for a given CPU, we must not store above it without first decrementing it to create a frame. This is different to the regular kernel stack, paca->kstack, which is initialised to point at an initial frame that is ready to use. idle_kvm_start_guest() stores the backchain, CR and LR all of which write outside the allocation for the emergency stack. It then creates a stack frame and saves the non-volatile registers. • https://git.kernel.org/stable/c/10d91611f426d4bafd2a83d966c36da811b2f7ad https://git.kernel.org/stable/c/80bbb0bc3a0288442f7fe6fc514f4ee1cb06ccb7 https://git.kernel.org/stable/c/fbd724c49bead048ae9fc1a5b7bff2fb3e54f855 https://git.kernel.org/stable/c/6d077c37c4643394b1bae9682da48164fc147ea8 https://git.kernel.org/stable/c/9b4416c5095c20e110c82ae602c254099b83b72f •

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: auditoría: corrige una posible desreferencia de puntero nulo en audit_filter_rules. Corrige una posible desreferencia de puntero nulo en audit_filter_rules. Error audit_filter_rules(): previamente asumimos que 'ctx' podría ser nulo • https://git.kernel.org/stable/c/bf361231c295d92a28ca283ea713f56e93e55796 https://git.kernel.org/stable/c/d6f451f1f60c58d73038c7c3177066f8f084e2a2 https://git.kernel.org/stable/c/16802fa4c33eb1a8efb23f1e93365190e4047d05 https://git.kernel.org/stable/c/4e9e46a700201b4c85081fd478c99c692a9aaa0d https://git.kernel.org/stable/c/6e3ee990c90494561921c756481d0e2125d8b895 • CWE-476: NULL Pointer Dereference •

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem() Check for a NULL page->mapping before dereferencing the mapping in page_is_secretmem(), as the page's mapping can be nullified while gup() is running, e.g. by reclaim or truncation. BUG: kernel NULL pointer dereference, address: 0000000000000068 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 6 PID: 4173897 Comm: CPU 3/KVM Tainted: G W RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0 Code: <48> 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be RSP: 0018:ffffaa90087679b0 EFLAGS: 00010046 RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffe3f37905b900 ... CR2: 0000000000000068 CR3: 00000004c5898003 CR4: 00000000001726e0 Call Trace: get_user_pages_fast_only+0x13/0x20 hva_to_pfn+0xa9/0x3e0 try_async_pf+0xa1/0x270 direct_page_fault+0x113/0xad0 kvm_mmu_page_fault+0x69/0x680 vmx_handle_exit+0xe1/0x5d0 kvm_arch_vcpu_ioctl_run+0xd81/0x1c70 kvm_vcpu_ioctl+0x267/0x670 __x64_sys_ioctl+0x83/0xa0 do_syscall_64+0x56/0x80 entry_SYSCALL_64_after_hwframe+0x44/0xae En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm/secretmem: corrige la página NULL-&gt;desreferencia de mapeo en page_is_secretmem() Verifique si hay una página NULL-&gt;mapping antes de desreferenciar el mapeo en page_is_secretmem(), ya que el mapeo de la página puede ser anulado mientras se ejecuta gup(), por ejemplo, mediante recuperación o truncamiento. ERROR: desreferencia del puntero NULL del kernel, dirección: 00000000000000068 #PF: acceso de lectura del supervisor en modo kernel #PF: código_error(0x0000) - página no presente PGD 0 P4D 0 Ups: 0000 [#1] PREEMPT SMP NOPTI CPU: 6 PID: 4173897 Comunicaciones: CPU 3/KVM contaminada: GW RIP: 0010:internal_get_user_pages_fast+0x621/0x9d0 Código: &lt;48&gt; 81 7a 68 80 08 04 bc 0f 85 21 ff ff 8 89 c7 be RSP: ffffaa90087679 b0 EFLAGS: 00010046 RAX: ffffe3f37905b900 RBX: 00007f2dd561e000 RCX: ffffe3f37905b934 RDX: 0000000000000000 RSI: 00000000000000000 RDI: ffffe3f37905b900 ... CR2: 0000068 CR3: 00000004c5898003 CR4: 00000000001726e0 Seguimiento de llamadas: get_user_pages_fast_only+0x13/0x20 hva_to_pfn+0xa9/0x3e0 try_async_pf+0xa1/0x270 direct_page_fault+0x113/ 0xad0 kvm_mmu_page_fault+0x69/0x680 vmx_handle_exit+0xe1/0x5d0 kvm_arch_vcpu_ioctl_run+0xd81/0x1c70 kvm_vcpu_ioctl+0x267/0x670 __x64_sys_ioctl+0x83/0xa0 scall_64+0x56/0x80 entrada_SYSCALL_64_after_hwframe+0x44/0xae • https://git.kernel.org/stable/c/1507f51255c9ff07d75909a84e7c0d7f3c4b2f49 https://git.kernel.org/stable/c/b77ba1e02345bafd703f0d407bdbd88c3be1f767 https://git.kernel.org/stable/c/79f9bc5843142b649575f887dccdf1c07ad75c20 •