Page 66 of 5423 results (0.005 seconds)

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled Fix missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was hold. This was discovered through the lock debugging, and the corresponding log is as follows: raw_local_irq_restore() called with IRQs enabled WARNING: CPU: 96 PID: 2074 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40 ... Call trace: warn_bogus_irq_restore+0x30/0x40 _raw_spin_unlock_irqrestore+0x84/0xc8 add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2] hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2] hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2] create_qp+0x138/0x258 ib_create_qp_kernel+0x50/0xe8 create_mad_qp+0xa8/0x128 ib_mad_port_open+0x218/0x448 ib_mad_init_device+0x70/0x1f8 add_client_context+0xfc/0x220 enable_device_and_get+0xd0/0x140 ib_register_device.part.0+0xf4/0x1c8 ib_register_device+0x34/0x50 hns_roce_register_device+0x174/0x3d0 [hns_roce_hw_v2] hns_roce_init+0xfc/0x2c0 [hns_roce_hw_v2] __hns_roce_hw_v2_init_instance+0x7c/0x1d0 [hns_roce_hw_v2] hns_roce_hw_v2_init_instance+0x9c/0x180 [hns_roce_hw_v2] • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b https://git.kernel.org/stable/c/07f0f643d7e570dbe8ef6f5c3367a43e3086a335 https://git.kernel.org/stable/c/29c0f546d3fd66238b42cf25bcd5f193bb1cf794 https://git.kernel.org/stable/c/425589d4af09c49574bd71ac31f811362a5126c3 https://git.kernel.org/stable/c/094a1821903f33fb91de4b71087773ee16aeb3a0 https://git.kernel.org/stable/c/2656336a84fcb6802f6e6c233f4661891deea24f https://git.kernel.org/stable/c/a1a3403bb1826c8ec787f0d60c3e7b54f419129e https://git.kernel.org/stable/c/74d315b5af180220d561684d158977301 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, it is not needed given CAP_PERFMON can already read all kernel memory anyway hence bpf_get_func_arg() and bpf_get_func_ret() is skipped in here. Also, the MTU helpers mtu_len pointer value is being written but also read. Technically, the MEM_UNINIT should not be there in order to always force init. Removing MEM_UNINIT needs more verifier rework though: MEM_UNINIT right now implies two things actually: i) write into memory, ii) memory does not have to be initialized. If we lift MEM_UNINIT, it then becomes: i) read into memory, ii) memory must be initialized. This means that for bpf_*_check_mtu() we're readding the issue we're trying to fix, that is, it would then be able to write back into things like .rodata BPF maps. Follow-up work will rework the MEM_UNINIT semantics such that the intent can be better expressed. • https://git.kernel.org/stable/c/d7a4cb9b6705a89937d12c8158a35a3145dc967a https://git.kernel.org/stable/c/8397bf78988f3ae9dbebb0200189a62a57264980 https://git.kernel.org/stable/c/a634fa8e480ac2423f86311a602f6295df2c8ed0 https://git.kernel.org/stable/c/599d15b6d03356a97bff7a76155c5604c42a2962 https://git.kernel.org/stable/c/594a9f5a8d2de2573a856e506f77ba7dd2cefc6a https://git.kernel.org/stable/c/4b3786a6c5397dc220b1483d8e2f4867743e966f •

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode. • https://git.kernel.org/stable/c/e3db757ff9b7101ae68650ac5f6dd5743b68164e https://git.kernel.org/stable/c/96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: jfs: fix out-of-bounds in dbNextAG() and diAlloc() In dbNextAG() , there is no check for the case where bmp->db_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should be added in dbMount(). And in dbNextAG(), a check for the case where agpref is greater than bmp->db_numag should be added, so an out-of-bounds exception should be prevented. Additionally, a check for the case where agno is greater or same than MAXAG should be added in diAlloc() to prevent out-of-bounds. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 https://git.kernel.org/stable/c/d1017d2a0f3f16dc1db5120e7ddbe7c6680425b0 https://git.kernel.org/stable/c/5ad6284c8d433f8a213111c5c44ead4d9705b622 https://git.kernel.org/stable/c/0338e66cba272351ca9d7d03f3628e390e70963b https://git.kernel.org/stable/c/ead82533278502428883085a787d5a00f15e5eb9 https://git.kernel.org/stable/c/6ce8b6ab44a8b5918c0ee373d4ad19d19017931b https://git.kernel.org/stable/c/c1ba4b8ca799ff1d99d01f37d7ccb7d5ba5533d2 https://git.kernel.org/stable/c/128d5cfdcf844cb690c9295a3a1c1114c •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() The debugfs_create_dir() function returns error pointers. It never returns NULL. So use IS_ERR() to check it. • https://git.kernel.org/stable/c/e26a5843f7f5014ae4460030ca4de029a3ac35d3 https://git.kernel.org/stable/c/20cbc281033ef5324f67f2d54bc539968f937255 https://git.kernel.org/stable/c/4b2fbba4e44630a59b09d32627b63c4ffdf70f78 https://git.kernel.org/stable/c/ef7e34237e2612b116a84c9640628a6f7a0d693e https://git.kernel.org/stable/c/a429158f2e0a7a03eb67fd5e204e1f6735c725aa https://git.kernel.org/stable/c/7cbd6d7fb9ba2be03978809c848e2e50eaeead2c https://git.kernel.org/stable/c/16e5bed6c1883b19f9fcbdff996aa3381954d5f3 https://git.kernel.org/stable/c/b66bf833e72a1e23d7ccafc0f8f74e80f •