Page 5 of 5313 results (0.009 seconds)

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") como lo sugirió Chuck [1]. Está causando bloqueos al acceder a tmpfs a través de NFS. Como comentó Hugh, "agregado solo para silenciar un splat de sanitizador de syzbot: agregado donde nunca ha habido ningún problema práctico". • https://git.kernel.org/stable/c/9fb9703cd43ee20a6de8ccdef991677b7274cec0 https://git.kernel.org/stable/c/7cc30ada84323be19395094d567579536e0d187e https://git.kernel.org/stable/c/bda1a99a0dd644f31a87d636ac624eeb975cb65a https://git.kernel.org/stable/c/3d9528484480e8f4979b3a347930ed383be99f89 https://git.kernel.org/stable/c/82cae1e30bd940253593c2d4f16d88343d1358f4 https://git.kernel.org/stable/c/edd1f905050686fdc4cfe233d818469fdf7d5ff8 https://git.kernel.org/stable/c/ffd56612566bc23877c8f45def2801f3324a222a https://git.kernel.org/stable/c/36b537e8f302f670c7cf35d88a3a29444 •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROKEN=y. There are myriad bugs in the implementation, some of which are fatal to the guest, and others which put the stability and health of the host at risk. For guest fatalities, the most glaring issue is that KVM fails to ensure tracing is disabled, and *stays* disabled prior to VM-Enter, which is necessary as hardware disallows loading (the guest's) RTIT_CTL if tracing is enabled (enforced via a VMX consistency check). Per the SDM: If the logical processor is operating with Intel PT enabled (if IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the "load IA32_RTIT_CTL" VM-entry control must be 0. On the host side, KVM doesn't validate the guest CPUID configuration provided by userspace, and even worse, uses the guest configuration to decide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring guest CPUID to enumerate more address ranges than are supported in hardware will result in KVM trying to passthrough, save, and load non-existent MSRs, which generates a variety of WARNs, ToPA ERRORs in the host, a potential deadlock, etc. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: VMX: oculta la virtualización de Intel PT (modo invitado/host) detrás de CONFIG_BROKEN Oculta el parámetro del módulo pt_mode de KVM detrás de CONFIG_BROKEN, es decir, deshabilita la compatibilidad con la virtualización de Intel PT a través del modo invitado/host a menos que BROKEN=y. • https://git.kernel.org/stable/c/f99e3daf94ff35dd4a878d32ff66e1fd35223ad6 https://git.kernel.org/stable/c/c3742319d021f5aa3a0a8c828485fee14753f6de https://git.kernel.org/stable/c/d4b42f926adcce4e5ec193c714afd9d37bba8e5b https://git.kernel.org/stable/c/b8a1d572478b6f239061ee9578b2451bf2f021c2 https://git.kernel.org/stable/c/e6716f4230a8784957273ddd27326264b27b9313 https://git.kernel.org/stable/c/d28b059ee4779b5102c5da6e929762520510e406 https://git.kernel.org/stable/c/b91bb0ce5cd7005b376eac690ec664c1b56372ec https://git.kernel.org/stable/c/aa0d42cacf093a6fcca872edc954f6f81 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_data.num_domains' which will make the look never finish and cause kernel panic. Also disable runtime to address "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pmdomain: imx93-blk-ctrl: ruta de eliminación correcta La condición de comprobación debe ser 'i &lt; bc-&gt;onecell_data.num_domains', no 'bc-&gt;onecell_data.num_domains', que hará que la búsqueda nunca finalice y provoque un pánico del kernel. También deshabilite el tiempo de ejecución para solucionar "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!" • https://git.kernel.org/stable/c/e9aa77d413c903ba4cf7da3fe0b419cae5b97a81 https://git.kernel.org/stable/c/8fc228ab5d38a026eae7183a5f74a4fac43d9b6a https://git.kernel.org/stable/c/201fb9e164a1e4c5937de2cf58bcb0327c08664f https://git.kernel.org/stable/c/f7c7c5aa556378a2c8da72c1f7f238b6648f95fb •

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash [Why] In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dc_state_copy_internal would shallow copy invalid memory and if the new state was released, a double free would occur. [How] Reset dml pointers in new_state to NULL and avoid invalid pointer (cherry picked from commit bcafdc61529a48f6f06355d78eb41b3aeda5296c) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Controlar el error de asignación de dml para evitar un bloqueo [Por qué] En el caso de que una asignación de dml falle por cualquier motivo, los contextos dml del estado actual ya no serían válidos. Luego, las llamadas posteriores a dc_state_copy_internal realizarían una copia superficial de la memoria no válida y, si se liberara el nuevo estado, se produciría una doble liberación. [Cómo] Restablecer los punteros dml en new_state a NULL y evitar un puntero no válido (seleccionado de el commit bcafdc61529a48f6f06355d78eb41b3aeda5296c) • https://git.kernel.org/stable/c/874ff59cde8fc525112dda26b501a1bac17dde9f https://git.kernel.org/stable/c/6825cb07b79ffeb1d90ffaa7a1227462cdca34ae •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because since the tracepoint was added in touch_buffer(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, the block_device structure is set after the function returns to the caller. Here, touch_buffer() is used to mark the folio/page that owns the buffer head as accessed, but the common search helper for folio/page used by the caller function was optimized to mark the folio/page as accessed when it was reimplemented a long time ago, eliminating the need to call touch_buffer() here in the first place. So this solves the issue by eliminating the touch_buffer() call itself. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Serie de parches "nilfs2: fix null-ptr-deref bugs on block tracepoints". Esta serie corrige errores de desreferencia de puntero nulo que ocurren al usar nilfs2 y dos puntos de seguimiento relacionados con bloques. Este parche (de 2): Se ha informado que al usar el punto de seguimiento "block:block_touch_buffer", touch_buffer() llamado desde __nilfs_get_folio_block() causa una desreferencia de puntero NULL o un error de protección general cuando KASAN está habilitado. • https://git.kernel.org/stable/c/5305cb830834549b9203ad4d009ad5483c5e293f https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9 https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636 https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423 https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9 https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665 https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe1 •