Page 415 of 3168 results (0.019 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_signal_cifsd_for_reconnect() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. • https://git.kernel.org/stable/c/7e8360ac8774e19b0b25f44fff84a105bb2417e4 https://git.kernel.org/stable/c/2cfff21732132e363b4cc275d63ea98f1af726c1 https://git.kernel.org/stable/c/f9a96a7ad1e8d25dc6662bc7552e0752de74a20d https://git.kernel.org/stable/c/e0e50401cc3921c9eaf1b0e667db174519ea939f https://access.redhat.com/security/cve/CVE-2024-35861 https://bugzilla.redhat.com/show_bug.cgi?id=2281786 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpf_link dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and multi-uprobes, link is used to fetch BPF cookie values. Because of this runtime dependency, when bpf_link refcnt drops to zero there could still be active BPF programs running accessing link data. This patch adds generic support to defer bpf_link dealloc callback to after RCU GP, if requested. This is done by exposing two different deallocation callbacks, one synchronous and one deferred. If deferred one is provided, bpf_link_free() will schedule dealloc_deferred() callback to happen after RCU GP. BPF is using two flavors of RCU: "classic" non-sleepable one and RCU tasks trace one. The latter is used when sleepable BPF programs are used. bpf_link_free() accommodates that by checking underlying BPF program's sleepable flag, and goes either through normal RCU GP only for non-sleepable, or through RCU tasks trace GP *and* then normal RCU GP (taking into account rcu_trace_implies_rcu_gp() optimization), if BPF program is sleepable. We use this for multi-kprobe and multi-uprobe links, which dereference link during program run. • https://git.kernel.org/stable/c/0dcac272540613d41c05e89679e4ddb978b612f1 https://git.kernel.org/stable/c/876941f533e7b47fc69977fc4551c02f2d18af97 https://git.kernel.org/stable/c/5d8d447777564b35f67000e7838e7ccb64d525c8 https://git.kernel.org/stable/c/1a80dbcb2dbaf6e4c216e62e30fa7d3daa8001ce •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed. This problem is found by code review. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bloquear: reparar la fuga de referencia del módulo de la ruta de error bdev_open_by_dev. En el momento en que se llama a bdev_may_open(), la referencia del módulo ya está tomada, por lo tanto, la referencia del módulo debe liberarse si bdev_may_open() fallo. Este problema se encuentra mediante la revisión del código. • https://git.kernel.org/stable/c/ed5cc702d311c14b653323d76062b0294effa66e https://git.kernel.org/stable/c/0e9327c67410b129bf85e5c3a5aaea518328636f https://git.kernel.org/stable/c/9617cd6f24b294552a817f80f5225431ef67b540 https://access.redhat.com/security/cve/CVE-2024-35859 https://bugzilla.redhat.com/show_bug.cgi?id=2281243 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix memory leak when bringing down interface When bringing down the TX rings we flush the rings but forget to reclaimed the flushed packets. This leads to a memory leak since we do not free the dma mapped buffers. This also leads to tx control block corruption when bringing down the interface for power management. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: bcmasp: corrige la pérdida de memoria al desactivar la interfaz. Al desactivar los anillos TX, los limpiamos pero nos olvidamos de recuperar los paquetes eliminados. • https://git.kernel.org/stable/c/490cb412007de593e07c1d3e2b1ec4233886707c https://git.kernel.org/stable/c/09040baf8779ad880e0e0d0ea10e57aa929ef3ab https://git.kernel.org/stable/c/2389ad1990163d29cba5480d693b4c2e31cc545c https://git.kernel.org/stable/c/9f898fc2c31fbf0ac5ecd289f528a716464cb005 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list) Second problem is a read from dev->ip6_ptr with no NULL check: if (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list)) Use the correct RCU API to fix these. v2: add missing include <net/addrconf.h> En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: icmp: evita posibles desreferencias a NULL por parte de icmp_build_probe(). El primer problema es una doble llamada a __in_dev_get_rcu(), porque la segunda podría devolver NULL. if (__in_dev_get_rcu(dev) &amp;&amp; __in_dev_get_rcu(dev)-&gt;ifa_list) El segundo problema es una lectura de dev-&gt;ip6_ptr sin verificación NULL: if (!list_empty(&amp;rcu_dereference(dev-&gt;ip6_ptr)-&gt;addr_list)) Use el correcto API de RCU para solucionarlos. v2: agregar falta incluir • https://git.kernel.org/stable/c/d329ea5bd8845f0b196bf41b18b6173340d6e0e4 https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401 https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270 https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350 https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767 https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941 https://access.redhat.com/security/cve/CVE-2024-35857 https://bugzilla.redhat.com/show_bug.cgi?id=2281247 • CWE-476: NULL Pointer Dereference •