Page 454 of 2655 results (0.020 seconds)

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that allocated before. Or those resources would be never freed and a memleak is triggered. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: IB/hfi1: corrige una fuga de mem en init_credit_return Cuando dma_alloc_coherent no puede asignar dd->cr_base[i].va, init_credit_return debería desasignar dd->cr_base y dd->cr_base[i]. ] el asignado antes. O esos recursos nunca se liberarían y se desencadenaría una fuga de memoria. • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3 https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8 https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7 https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25 https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896 https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2a •

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. [50006.466686] Call Trace: [50006.466691] <IRQ> [50006.489538] dump_stack+0x5c/0x80 [50006.493475] print_address_description.constprop.6+0x1a/0x150 [50006.499872] ? irdma_sc_process_ceq+0x483/0x790 [irdma] [50006.505742] ? irdma_sc_process_ceq+0x483/0x790 [irdma] [50006.511644] kasan_report.cold.11+0x7f/0x118 [50006.516572] ? irdma_sc_process_ceq+0x483/0x790 [irdma] [50006.522473] irdma_sc_process_ceq+0x483/0x790 [irdma] [50006.528232] irdma_process_ceq+0xb2/0x400 [irdma] [50006.533601] ? irdma_hw_flush_wqes_callback+0x370/0x370 [irdma] [50006.540298] irdma_ceq_dpc+0x44/0x100 [irdma] [50006.545306] tasklet_action_common.isra.14+0x148/0x2c0 [50006.551096] __do_softirq+0x1d0/0xaf8 [50006.555396] irq_exit_rcu+0x219/0x260 [50006.559670] irq_exit+0xa/0x20 [50006.563320] smp_apic_timer_interrupt+0x1bf/0x690 [50006.568645] apic_timer_interrupt+0xf/0x20 [50006.573341] </IRQ> The issue is that a tasklet could be pending on another core racing the delete of the irq. Fix by insuring any scheduled tasklet is killed after deleting the irq. • https://git.kernel.org/stable/c/44d9e52977a1b90b0db1c7f8b197c218e9226520 https://git.kernel.org/stable/c/635d79aa477f9912e602feb5498bdd51fb9cb824 https://git.kernel.org/stable/c/b2e4a5266e3d133b4c7f0e43bf40d13ce14fd1aa https://git.kernel.org/stable/c/c6f1ca235f68b22b3e691b2ea87ac285e5946848 https://git.kernel.org/stable/c/0ae8ad0013978f7471f22bcf45b027393e87f5dc https://git.kernel.org/stable/c/bd97cea7b18a0a553773af806dfbfac27a7c4acb https://access.redhat.com/security/cve/CVE-2024-26838 https://bugzilla.redhat.com/show_bug.cgi?id=2275578 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping logic or from user configuration. While new memberships are immediately visible to walkers of br->mdb_list, the notification of their existence to switchdev event subscribers is deferred until a later point in time. So if a replay list was generated during a time that overlapped with such a window, it would also contain a replay of the not-yet-delivered event. The driver would thus receive two copies of what the bridge internally considered to be one single event. On destruction of the bridge, only a single membership deletion event was therefore sent. As a consequence of this, drivers which reference count memberships (at least DSA), would be left with orphan groups in their hardware database when the bridge was destroyed. This is only an issue when replaying additions. While deletion events may still be pending on the deferred queue, they will already have been removed from br->mdb_list, so no duplicates can be generated in that scenario. To a user this meant that old group memberships, from a bridge in which a port was previously attached, could be reanimated (in hardware) when the port joined a new bridge, without the new bridge's knowledge. For example, on an mv88e6xxx system, create a snooping bridge and immediately add a port to it: root@infix-06-0b-00:~$ ip link add dev br0 up type bridge mcast_snooping 1 && \ > ip link set dev x3 up master br0 And then destroy the bridge: root@infix-06-0b-00:~$ ip link del dev br0 root@infix-06-0b-00:~$ mvls atu ADDRESS FID STATE Q F 0 1 2 3 4 5 6 7 8 9 a DEV:0 Marvell 88E6393X 33:33:00:00:00:6a 1 static - - 0 . . . . . . . . . . 33:33:ff:87:e4:3f 1 static - - 0 . . . . . . . . . . ff:ff:ff:ff:ff:ff 1 static - - 0 1 2 3 4 5 6 7 8 9 a root@infix-06-0b-00:~$ The two IPv6 groups remain in the hardware database because the port (x3) is notified of the host's membership twice: once via the original event and once via a replay. • https://git.kernel.org/stable/c/4f2673b3a2b6246729a1ff13b8945a040839dbd3 https://git.kernel.org/stable/c/2d5b4b3376fa146a23917b8577064906d643925f https://git.kernel.org/stable/c/603be95437e7fd85ba694e75918067fb9e7754db https://git.kernel.org/stable/c/e0b4c5b1d760008f1dd18c07c35af0442e54f9c8 https://git.kernel.org/stable/c/dc489f86257cab5056e747344f17a164f63bff4b https://access.redhat.com/security/cve/CVE-2024-26837 https://bugzilla.redhat.com/show_bug.cgi?id=2275580 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested on some Thinkpads to confirm they are OK with this order too. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: plataforma/x86: think-lmi: corrige el orden del código de operación de contraseña para las estaciones de trabajo Las estaciones de trabajo Lenovo requieren que se ejecute el código de operación de la contraseña antes de cambiar el valor del atributo (si la contraseña de administrador está habilitada). Probado en algunos Thinkpads para confirmar que también están de acuerdo con este pedido. • https://git.kernel.org/stable/c/640a5fa50a42b99bfa2a0ec51b4ea9591d9bd055 https://git.kernel.org/stable/c/2deb10a99671afda30f834e95e5b992a805bba6a https://git.kernel.org/stable/c/2bfbe1e0aed00ba51d58573c79452fada3f62ed4 https://git.kernel.org/stable/c/6f7d0f5fd8e440c3446560100ac4ff9a55eec340 •

CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active but no registered hooks. On table/base chain deletion, nf_tables will attempt to unregister the hook again which yields a warn splat from the nftables core. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: establece el indicador inactivo en caso de error en el registro del enlace. Necesitamos configurar el indicador inactivo nuevamente si no logramos registrar los enlaces. Durante la presión de la memoria, el registro de ganchos puede fallar y terminamos con una tabla marcada como activa pero sin ganchos registrados. Al eliminar la tabla/cadena base, nf_tables intentará cancelar el registro del gancho nuevamente, lo que genera un símbolo de advertencia desde el núcleo de nftables. • https://git.kernel.org/stable/c/e10f661adc556c4969c70ddaddf238bffdaf1e87 https://git.kernel.org/stable/c/d9c4da8cb74e8ee6e58a064a3573aa37acf6c935 https://git.kernel.org/stable/c/179d9ba5559a756f4322583388b3213fe4e391b0 https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3 https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376 https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3 • CWE-459: Incomplete Cleanup •