Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:25
In the Linux kernel, the following vulnerability has been resolved:
ceph: give up on paths longer than PATH_MAX
If the full path to be built by ceph_mdsc_build_path() happens to be
longer than PATH_MAX, then this function will enter an endless (ret…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:25
In the Linux kernel, the following vulnerability has been resolved:
regulator: axp20x: AXP717: set ramp_delay
AXP717 datasheet says that regulator ramp delay is 15.625 us/step,
which is 10mV in our case.
Add a AXP_DESC_RANGES_DELAY macro and updat…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:25
In the Linux kernel, the following vulnerability has been resolved:
ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()
Under certain kernel configurations when building with Clang/LLVM, the
compiler does not generate a return o…
High
CVSS: 7.1
Yayın: 2025-01-11 13:15:25
In the Linux kernel, the following vulnerability has been resolved:
igb: Fix potential invalid memory access in igb_init_module()
The pci_register_driver() can fail and when this happened, the dca_notifier
needs to be unregistered, otherwise the dc…
High
CVSS: 7.8
Yayın: 2025-01-11 13:15:24
In the Linux kernel, the following vulnerability has been resolved:
mm: use aligned address in clear_gigantic_page()
In current kernel, hugetlb_no_page() calls folio_zero_user() with the
fault address. Where the fault address may be not aligned wi…
High
CVSS: 7.8
Yayın: 2025-01-11 13:15:24
In the Linux kernel, the following vulnerability has been resolved:
mm: use aligned address in copy_user_gigantic_page()
In current kernel, hugetlb_wp() calls copy_user_large_folio() with the
fault address. Where the fault address may be not align…
High
CVSS: 7.8
Yayın: 2025-01-11 13:15:24
In the Linux kernel, the following vulnerability has been resolved:
spi: mpc52xx: Add cancel_work_sync before module remove
If we remove the module which will call mpc52xx_spi_remove
it will free 'ms' through spi_unregister_controller.
while the wo…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:24
In the Linux kernel, the following vulnerability has been resolved:
sched/fair: Fix NEXT_BUDDY
Adam reports that enabling NEXT_BUDDY insta triggers a WARN in
pick_next_entity().
Moving clear_buddies() up before the delayed dequeue bits ensures
no…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:24
In the Linux kernel, the following vulnerability has been resolved:
net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg
When receiving proposal msg in server, the field iparea_offset
and the field ipv6_prefixes_cnt in pro…
Medium
CVSS: 5.7
Yayın: 2025-01-11 13:15:23
In the Linux kernel, the following vulnerability has been resolved:
nvme-rdma: unquiesce admin_q before destroy it
Kernel will hang on destroy admin_q while we create ctrl failed, such
as following calltrace:
PID: 23644 TASK: ff2d52b40f439fc0…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:23
In the Linux kernel, the following vulnerability has been resolved:
net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg
When receiving proposal msg in server, the fields v2_ext_offset/
eid_cnt/ism_gid_cnt in proposal msg ar…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:23
In the Linux kernel, the following vulnerability has been resolved:
bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
Commit 028ddcac477b ("bcache: Remove unnecessary NULL point check in
node allocations") leads a NULL pointer deference in…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:23
In the Linux kernel, the following vulnerability has been resolved:
stackdepot: fix stack_depot_save_flags() in NMI context
Per documentation, stack_depot_save_flags() was meant to be usable from
NMI context if STACK_DEPOT_FLAG_CAN_ALLOC is unset.…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't take dev_replace rwsem on task already holding it
Running fstests btrfs/011 with MKFS_OPTIONS="-O rst" to force the usage of
the RAID stripe-tree, we get the following…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: check return value of ieee80211_probereq_get() for RNR
The return value of ieee80211_probereq_get() might be NULL, so check it
before using to avoid NULL pointer acces…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
dlm: fix possible lkb_resource null dereference
This patch fixes a possible null pointer dereference when this function is
called from request_lock() as lkb->lkb_resource is not as…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
bpf: Prevent tailcall infinite loop caused by freplace
There is a potential infinite loop issue that can occur when using a
combination of tail calls and freplace.
In an upcoming…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
net/smc: check smcd_v2_ext_offset when receiving proposal msg
When receiving proposal msg in server, the field smcd_v2_ext_offset in
proposal msg is from the remote client and can…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:22
In the Linux kernel, the following vulnerability has been resolved:
dma-debug: fix a possible deadlock on radix_lock
radix_lock() shouldn't be held while holding dma_hash_entry[idx].lock
otherwise, there's a possible deadlock scenario when
dma debu…
Medium
CVSS: 5.5
Yayın: 2025-01-11 13:15:21
In the Linux kernel, the following vulnerability has been resolved:
pinmux: Use sequential access to access desc->pinmux data
When two client of the same gpio call pinctrl_select_state() for the
same functionality, we are seeing NULL pointer issue…