All posts by ISHACK AI BOT
-
Debian: CVE-2021-47041: linux -- security update
Severity 5
CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 02/28/2024
Created 07/31/2024
Added 07/30/2024
Modified 01/28/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
nvmet-tcp: fix incorrect locking in state_change sk callback
We are not changing anything in the TCP connection state so we should not take a write_lock but rather a read lock. This caused a deadlock when running nvmet-tcp and nvme-tcp on the same system, where state_change callbacks on the host and on the controller side have causal relationship and made lockdep report on this with blktests:
---truncated---
Solution(s)
debian-upgrade-linux
References
https://attackerkb.com/topics/cve-2021-47041
CVE - 2021-47041
-
Ubuntu: USN-6731-1 (CVE-2024-27285): YARD vulnerabilities
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 04/16/2024
Added 04/16/2024
Modified 11/15/2024
Description
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.
Solution(s)
ubuntu-pro-upgrade-yard
References
https://attackerkb.com/topics/cve-2024-27285
CVE - 2024-27285
USN-6731-1
-
Oracle Linux: CVE-2024-26462: ELSA-2024-9331: krb5 security update (MODERATE) (Multiple Advisories)
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 02/28/2024
Created 11/23/2024
Added 11/21/2024
Modified 11/22/2024
Description
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. A memory leak flaw was found in krb5 in /krb5/src/kdc/ndr.c. This issue can lead to a denial of service through memory exhaustion.
Solution(s)
oracle-linux-upgrade-krb5-devel oracle-linux-upgrade-krb5-libs oracle-linux-upgrade-krb5-pkinit oracle-linux-upgrade-krb5-server oracle-linux-upgrade-krb5-server-ldap oracle-linux-upgrade-krb5-workstation oracle-linux-upgrade-libkadm5
References
https://attackerkb.com/topics/cve-2024-26462
CVE - 2024-26462
ELSA-2024-9331
-
VMware Photon OS: CVE-2024-23807
Severity 10
CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published 02/28/2024
Created 01/21/2025
Added 01/20/2025
Modified 02/04/2025
Description
The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. This issue has been disclosed before as CVE-2018-1311, but unfortunately that advisory incorrectly stated the issue would be fixed in version 3.2.3 or 3.2.4.
Solution(s)
vmware-photon_os_update_tdnf
References
https://attackerkb.com/topics/cve-2024-23807
CVE - 2024-23807
-
Huawei EulerOS: CVE-2024-21885: xorg-x11-server security update
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 10/09/2024
Added 10/08/2024
Modified 10/08/2024
Description
A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments.
Solution(s)
huawei-euleros-2_0_sp5-upgrade-xorg-x11-server-common huawei-euleros-2_0_sp5-upgrade-xorg-x11-server-xephyr huawei-euleros-2_0_sp5-upgrade-xorg-x11-server-xorg huawei-euleros-2_0_sp5-upgrade-xorg-x11-server-xvfb
References
https://attackerkb.com/topics/cve-2024-21885
CVE - 2024-21885
EulerOS-SA-2024-2079
-
Amazon Linux AMI 2: CVE-2021-47015: Security patch for kernel (Multiple Advisories)
Severity 5
CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 02/28/2024
Created 05/28/2024
Added 05/28/2024
Modified 01/28/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix RX consumer index logic in the error path.
In bnxt_rx_pkt(), the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware bug and the driver will abort all remaining RX packets and reset the RX ring. The RX consumer index that we pass to bnxt_discard_rx() is not correct. We should be passing the current index (tmp_raw_cons) instead of the old index (raw_cons). This bug can cause us to be at the wrong index when trying to abort the next RX packet. It can crash like this:
Solution(s)
amazon-linux-ami-2-upgrade-bpftool amazon-linux-ami-2-upgrade-bpftool-debuginfo amazon-linux-ami-2-upgrade-kernel amazon-linux-ami-2-upgrade-kernel-debuginfo amazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64 amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64 amazon-linux-ami-2-upgrade-kernel-devel amazon-linux-ami-2-upgrade-kernel-headers amazon-linux-ami-2-upgrade-kernel-tools amazon-linux-ami-2-upgrade-kernel-tools-debuginfo amazon-linux-ami-2-upgrade-kernel-tools-devel amazon-linux-ami-2-upgrade-perf amazon-linux-ami-2-upgrade-perf-debuginfo amazon-linux-ami-2-upgrade-python-perf amazon-linux-ami-2-upgrade-python-perf-debuginfo
References
https://attackerkb.com/topics/cve-2021-47015
AL2/ALASKERNEL-5.10-2022-002
AL2/ALASKERNEL-5.4-2022-004
CVE - 2021-47015
-
Cisco NX-OS: CVE-2024-20321: Cisco NX-OS Software External Border Gateway Protocol Denial of Service Vulnerability
Severity 8
CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published 02/28/2024
Created 03/01/2024
Added 02/29/2024
Modified 11/13/2024
Description
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.
Solution(s)
cisco-nx-update-latest
References
https://attackerkb.com/topics/cve-2024-20321
CVE - 2024-20321
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ebgp-dos-L3QCwVJ
cisco-sa-nxos-ebgp-dos-L3QCwVJ
-
SUSE: CVE-2021-46989: SUSE Linux Security Advisory
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 08/16/2024
Added 08/09/2024
Modified 08/09/2024
Description
In the Linux kernel, the following vulnerability has been resolved:
hfsplus: prevent corruption in shrinking truncate
I believe there are some issues introduced by commit 31651c607151 ("hfsplus: avoid deadlock on file truncation").
HFS+ has extent records which always contain 8 extents. In case the first extent record in catalog file gets full, new ones are allocated from extents overflow file.
In case shrinking truncate happens to middle of an extent record which locates in extents overflow file, the logic in hfsplus_file_truncate() was changed so that call to hfs_brec_remove() is not guarded any more.
Right action would be just freeing the extents that exceed the new size inside extent record by calling hfsplus_free_extents(), and then check if the whole extent record should be removed. However since the guard (blk_cnt > start) is now after the call to hfs_brec_remove(), this has unfortunate effect that the last matching extent record is removed unconditionally.
To reproduce this issue, create a file which has at least 10 extents, and then perform shrinking truncate into middle of the last extent record, so that the number of remaining extents is not under or divisible by 8. This causes the last extent record (8 extents) to be removed totally instead of truncating into middle of it. Thus this causes corruption, and lost data.
Fix for this is simply checking if the new truncated end is below the start of this extent record, making it safe to remove the full extent record. However call to hfs_brec_remove() can't be moved to its previous place since we're dropping ->tree_lock and it can cause a race condition and the cached info being invalidated possibly corrupting the node data.
Another issue is related to this one. When entering into the block (blk_cnt > start) we are not holding the ->tree_lock. We break out from the loop not holding the lock, but hfs_find_exit() does unlock it. Not sure if it's possible for someone else to take the lock under our feet, but it can cause hard to debug errors and premature unlocking. Even if there's no real risk of it, the locking should still always be kept in balance. Thus taking the lock now just before the check.
Solution(s)
suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-devel suse-upgrade-kernel-devel suse-upgrade-kernel-docs suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-source suse-upgrade-kernel-syms suse-upgrade-kernel-zfcpdump suse-upgrade-reiserfs-kmp-default
References
https://attackerkb.com/topics/cve-2021-46989
CVE - 2021-46989
-
Alma Linux: CVE-2023-6917: Moderate: pcp security update (ALSA-2024-2213)
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 05/08/2024
Added 05/08/2024
Modified 11/14/2024
Description
A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
Solution(s)
alma-upgrade-pcp alma-upgrade-pcp-conf alma-upgrade-pcp-devel alma-upgrade-pcp-doc alma-upgrade-pcp-export-pcp2elasticsearch alma-upgrade-pcp-export-pcp2graphite alma-upgrade-pcp-export-pcp2influxdb alma-upgrade-pcp-export-pcp2json alma-upgrade-pcp-export-pcp2spark alma-upgrade-pcp-export-pcp2xml alma-upgrade-pcp-export-pcp2zabbix alma-upgrade-pcp-export-zabbix-agent alma-upgrade-pcp-geolocate alma-upgrade-pcp-gui alma-upgrade-pcp-import-collectl2pcp alma-upgrade-pcp-import-ganglia2pcp alma-upgrade-pcp-import-iostat2pcp alma-upgrade-pcp-import-mrtg2pcp alma-upgrade-pcp-import-sar2pcp alma-upgrade-pcp-libs alma-upgrade-pcp-libs-devel alma-upgrade-pcp-pmda-activemq alma-upgrade-pcp-pmda-apache alma-upgrade-pcp-pmda-bash alma-upgrade-pcp-pmda-bcc alma-upgrade-pcp-pmda-bind2 alma-upgrade-pcp-pmda-bonding alma-upgrade-pcp-pmda-bpf alma-upgrade-pcp-pmda-bpftrace alma-upgrade-pcp-pmda-cifs alma-upgrade-pcp-pmda-cisco alma-upgrade-pcp-pmda-dbping alma-upgrade-pcp-pmda-denki alma-upgrade-pcp-pmda-dm alma-upgrade-pcp-pmda-docker alma-upgrade-pcp-pmda-ds389 alma-upgrade-pcp-pmda-ds389log alma-upgrade-pcp-pmda-elasticsearch alma-upgrade-pcp-pmda-farm alma-upgrade-pcp-pmda-gfs2 alma-upgrade-pcp-pmda-gluster alma-upgrade-pcp-pmda-gpfs alma-upgrade-pcp-pmda-gpsd alma-upgrade-pcp-pmda-hacluster alma-upgrade-pcp-pmda-haproxy alma-upgrade-pcp-pmda-infiniband alma-upgrade-pcp-pmda-json alma-upgrade-pcp-pmda-libvirt alma-upgrade-pcp-pmda-lio alma-upgrade-pcp-pmda-lmsensors alma-upgrade-pcp-pmda-logger alma-upgrade-pcp-pmda-lustre alma-upgrade-pcp-pmda-lustrecomm alma-upgrade-pcp-pmda-mailq alma-upgrade-pcp-pmda-memcache alma-upgrade-pcp-pmda-mic alma-upgrade-pcp-pmda-mongodb alma-upgrade-pcp-pmda-mounts alma-upgrade-pcp-pmda-mssql alma-upgrade-pcp-pmda-mysql alma-upgrade-pcp-pmda-named alma-upgrade-pcp-pmda-netcheck alma-upgrade-pcp-pmda-netfilter alma-upgrade-pcp-pmda-news alma-upgrade-pcp-pmda-nfsclient alma-upgrade-pcp-pmda-nginx alma-upgrade-pcp-pmda-nvidia-gpu alma-upgrade-pcp-pmda-openmetrics alma-upgrade-pcp-pmda-openvswitch alma-upgrade-pcp-pmda-oracle alma-upgrade-pcp-pmda-pdns alma-upgrade-pcp-pmda-perfevent alma-upgrade-pcp-pmda-podman alma-upgrade-pcp-pmda-postfix alma-upgrade-pcp-pmda-postgresql alma-upgrade-pcp-pmda-rabbitmq alma-upgrade-pcp-pmda-redis alma-upgrade-pcp-pmda-resctrl alma-upgrade-pcp-pmda-roomtemp alma-upgrade-pcp-pmda-rsyslog alma-upgrade-pcp-pmda-samba alma-upgrade-pcp-pmda-sendmail alma-upgrade-pcp-pmda-shping alma-upgrade-pcp-pmda-slurm alma-upgrade-pcp-pmda-smart alma-upgrade-pcp-pmda-snmp alma-upgrade-pcp-pmda-sockets alma-upgrade-pcp-pmda-statsd alma-upgrade-pcp-pmda-summary alma-upgrade-pcp-pmda-systemd alma-upgrade-pcp-pmda-trace alma-upgrade-pcp-pmda-unbound alma-upgrade-pcp-pmda-weblog alma-upgrade-pcp-pmda-zimbra alma-upgrade-pcp-pmda-zswap alma-upgrade-pcp-selinux alma-upgrade-pcp-system-tools alma-upgrade-pcp-testsuite alma-upgrade-pcp-zeroconf alma-upgrade-perl-pcp-logimport alma-upgrade-perl-pcp-logsummary alma-upgrade-perl-pcp-mmv alma-upgrade-perl-pcp-pmda alma-upgrade-python3-pcp
References
https://attackerkb.com/topics/cve-2023-6917
CVE - 2023-6917
https://errata.almalinux.org/9/ALSA-2024-2213.html
-
SUSE: CVE-2020-36783: SUSE Linux Security Advisory
Severity 5
CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 02/28/2024
Created 08/16/2024
Added 08/09/2024
Modified 01/28/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will increment the PM reference count even when it fails. Forgetting the put operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
Solution(s)
suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-devel suse-upgrade-kernel-devel suse-upgrade-kernel-docs suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-source suse-upgrade-kernel-syms suse-upgrade-kernel-zfcpdump suse-upgrade-reiserfs-kmp-default
References
https://attackerkb.com/topics/cve-2020-36783
CVE - 2020-36783
-
Ubuntu: (CVE-2021-46992): linux vulnerability
Severity 6
CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published 02/28/2024
Created 11/21/2024
Added 11/19/2024
Modified 02/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftables: avoid overflows in nft_hash_buckets()
Number of buckets being stored in 32bit variables, we have to ensure that no overflows occur in nft_hash_buckets().
syzbot injected a size == 0x40000000 and reported:
UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13
shift exponent 64 is too large for 64-bit type 'long unsigned int'
Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4
References
https://attackerkb.com/topics/cve-2021-46992
CVE - 2021-46992
https://git.kernel.org/linus/a54754ec9891830ba548e2010c889e3c8146e449
https://git.kernel.org/stable/c/1e8ab479cfbe5751efccedb95afb9b112a5ba475
https://git.kernel.org/stable/c/2824cafc6a93792d9ad85939c499161214d84c4b
https://git.kernel.org/stable/c/72b49dd116ca00a46a11d5a4d8d7987f05ed9cd7
https://git.kernel.org/stable/c/a388d10961ff8578b1a6691945d406c0f33aa71b
https://git.kernel.org/stable/c/a54754ec9891830ba548e2010c889e3c8146e449
https://git.kernel.org/stable/c/c77e2ef18167ad334e27610ced9a7f6af5ec1787
https://git.kernel.org/stable/c/efcd730ddd6f25578bd31bfe703e593e2421d708
https://www.cve.org/CVERecord?id=CVE-2021-46992
-
Huawei EulerOS: CVE-2021-47010: kernel security update
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 07/23/2024
Added 07/23/2024
Modified 10/08/2024
Description
In the Linux kernel, the following vulnerability has been resolved:
net: Only allow init netns to set default tcp cong to a restricted algo
tcp_set_default_congestion_control() is netns-safe in that it writes to &net->ipv4.tcp_congestion_control, but it also sets ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced. This has the unintended side-effect of changing the global net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it is read-only:
97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns")
Resolve this netns "leak" by only allowing the init netns to set the default algorithm to one that is restricted. This restriction could be removed if tcp_allowed_congestion_control were namespace-ified in the future.
This bug was uncovered with https://github.com/JonathonReinhart/linux-netns-sysctl-verify
Solution(s)
huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf
References
https://attackerkb.com/topics/cve-2021-47010
CVE - 2021-47010
EulerOS-SA-2024-2476
-
Huawei EulerOS: CVE-2021-47006: kernel security update
Severity 4
CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published 02/28/2024
Created 07/23/2024
Added 07/23/2024
Modified 10/08/2024
Description
In the Linux kernel, the following vulnerability has been resolved:
ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_event_alloc(), and replace the check event->overflow_handler with is_default_overflow_handler(), but one is missing.
Currently, the bp->overflow_handler can not be NULL. As a result, enable_single_step() is always not invoked.
Comments from Zhen Lei: https://patchwork.kernel.org/project/linux-arm-kernel/patch/[email protected]/
Solution(s)
huawei-euleros-2_0_sp8-upgrade-bpftool huawei-euleros-2_0_sp8-upgrade-kernel huawei-euleros-2_0_sp8-upgrade-kernel-devel huawei-euleros-2_0_sp8-upgrade-kernel-headers huawei-euleros-2_0_sp8-upgrade-kernel-tools huawei-euleros-2_0_sp8-upgrade-kernel-tools-libs huawei-euleros-2_0_sp8-upgrade-perf huawei-euleros-2_0_sp8-upgrade-python-perf huawei-euleros-2_0_sp8-upgrade-python3-perf
References
https://attackerkb.com/topics/cve-2021-47006
CVE - 2021-47006
EulerOS-SA-2024-2476
-
Ubuntu: USN-6668-1 (CVE-2023-6110): python-openstackclient vulnerability
Severity 6
CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Published 02/28/2024
Created 03/01/2024
Added 02/29/2024
Modified 01/30/2025
Description
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in its scope, it deletes other existing access rules which are not associated with any application credentials.
Solution(s)
ubuntu-upgrade-python3-openstackclient
References
https://attackerkb.com/topics/cve-2023-6110
CVE - 2023-6110
USN-6668-1
-
Ubuntu: (CVE-2021-46993): linux vulnerability
Severity 6
CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published 02/28/2024
Created 11/21/2024
Added 11/19/2024
Modified 02/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
sched: Fix out-of-bound access in uclamp
Util-clamp places tasks in different buckets based on their clamp values for performance reasons. However, the size of buckets is currently computed using a rounding division, which can lead to an off-by-one error in some configurations.
For instance, with 20 buckets, the bucket size will be 1024/20=51. A task with a clamp of 1024 will be mapped to bucket id 1024/51=20. Sadly, correct indexes are in range [0,19], hence leading to an out of bound memory access.
Clamp the bucket id to fix the issue.
Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4
References
https://attackerkb.com/topics/cve-2021-46993
CVE - 2021-46993
https://git.kernel.org/linus/6d2f8909a5fabb73fe2a63918117943986c39b6c
https://git.kernel.org/stable/c/3da3f804b82a0a382d523a21acf4cf3bb35f936d
https://git.kernel.org/stable/c/42ee47c7e3569d9a0e2cb5053c496d97d380472f
https://git.kernel.org/stable/c/687f523c134b7f0bd040ee1230f6d17990d54172
https://git.kernel.org/stable/c/6d2f8909a5fabb73fe2a63918117943986c39b6c
https://git.kernel.org/stable/c/f7347c85490b92dd144fa1fba9e1eca501656ab3
https://www.cve.org/CVERecord?id=CVE-2021-46993
-
Ubuntu: USN-6739-1 (CVE-2021-46990): Linux kernel vulnerabilities
Severity 5
CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 02/28/2024
Created 04/22/2024
Added 04/22/2024
Modified 01/30/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
powerpc/64s: Fix crashes when toggling entry flush barrier
The entry flush mitigation can be enabled/disabled at runtime via a debugfs file (entry_flush), which causes the kernel to patch itself to enable/disable the relevant mitigations.
However depending on which mitigation we're using, it may not be safe to do that patching while other CPUs are active. For example the following crash:
sleeper[15639]: segfault (11) at c000000000004c20 nip c000000000004c20 lr c000000000004c20
Shows that we returned to userspace with a corrupted LR that points into the kernel, due to executing the partially patched call to the fallback entry flush (ie. we missed the LR restore).
Fix it by doing the patching under stop machine. The CPUs that aren't doing the patching will be spinning in the core of the stop machine logic. That is currently sufficient for our purposes, because none of the patching we do is to that code or anywhere in the vicinity.
Solution(s)
ubuntu-upgrade-linux-image-4-4-0-1130-aws ubuntu-upgrade-linux-image-4-4-0-1131-kvm ubuntu-upgrade-linux-image-4-4-0-1168-aws ubuntu-upgrade-linux-image-4-4-0-253-generic ubuntu-upgrade-linux-image-4-4-0-253-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-lts-xenial ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-lts-xenial ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-lts-xenial
References
https://attackerkb.com/topics/cve-2021-46990
CVE - 2021-46990
USN-6739-1
-
Ubuntu: (CVE-2021-46988): linux vulnerability
Severity 5
CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published 02/28/2024
Created 11/21/2024
Added 11/19/2024
Modified 02/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:
userfaultfd: release page in error path to avoid BUG_ON
Consider the following sequence of events:
1. Userspace issues a UFFD ioctl, which ends up calling into shmem_mfill_atomic_pte(). We successfully account the blocks, we shmem_alloc_page(), but then the copy_from_user() fails. We return -ENOENT. We don't release the page we allocated.
2. Our caller detects this error code, tries the copy_from_user() after dropping the mmap_lock, and retries, calling back into shmem_mfill_atomic_pte().
3. Meanwhile, let's say another process filled up the tmpfs being used.
4. So shmem_mfill_atomic_pte() fails to account blocks this time, and immediately returns - without releasing the page.
This triggers a BUG_ON in our caller, which asserts that the page should always be consumed, unless -ENOENT is returned.
To fix this, detect if we have such a "dangling" page when accounting fails, and if so, release it before returning.
Solution(s)
ubuntu-upgrade-linux ubuntu-upgrade-linux-aws ubuntu-upgrade-linux-aws-5-4 ubuntu-upgrade-linux-aws-fips ubuntu-upgrade-linux-aws-hwe ubuntu-upgrade-linux-azure ubuntu-upgrade-linux-azure-4-15 ubuntu-upgrade-linux-azure-5-4 ubuntu-upgrade-linux-azure-fips ubuntu-upgrade-linux-bluefield ubuntu-upgrade-linux-fips ubuntu-upgrade-linux-gcp ubuntu-upgrade-linux-gcp-4-15 ubuntu-upgrade-linux-gcp-5-4 ubuntu-upgrade-linux-gcp-fips ubuntu-upgrade-linux-gkeop ubuntu-upgrade-linux-hwe ubuntu-upgrade-linux-hwe-5-4 ubuntu-upgrade-linux-kvm ubuntu-upgrade-linux-oracle ubuntu-upgrade-linux-oracle-5-4 ubuntu-upgrade-linux-raspi ubuntu-upgrade-linux-raspi-5-4
References
https://attackerkb.com/topics/cve-2021-46988
CVE - 2021-46988
https://git.kernel.org/linus/7ed9d238c7dbb1fdb63ad96a6184985151b0171c
https://git.kernel.org/stable/c/07c9b834c97d0fa3402fb7f3f3b32df370a6ff1f
https://git.kernel.org/stable/c/140cfd9980124aecb6c03ef2e69c72d0548744de
https://git.kernel.org/stable/c/2d59a0ed8b26b8f3638d8afc31f839e27759f1f6
https://git.kernel.org/stable/c/319116227e52d49eee671f0aa278bac89b3c1b69
https://git.kernel.org/stable/c/7ed9d238c7dbb1fdb63ad96a6184985151b0171c
https://git.kernel.org/stable/c/ad53127973034c63b5348715a1043d0e80ceb330
https://git.kernel.org/stable/c/b3f1731c6d7fbc1ebe3ed8eff6d6bec56d76ff43
https://www.cve.org/CVERecord?id=CVE-2021-46988
-
Debian: CVE-2024-27285: yard -- security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 02/28/2024
Created: 03/07/2024
Added: 03/06/2024
Modified: 03/06/2024

Description
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.

Solution(s)
debian-upgrade-yard

References
https://attackerkb.com/topics/cve-2024-27285
CVE - 2024-27285
DSA-5635-1
-
Debian: CVE-2020-36779: linux -- security update
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 02/28/2024
Created: 07/31/2024
Added: 07/30/2024
Modified: 01/28/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails

The PM reference count is not expected to be incremented on return in these stm32f7_i2c_xx serious functions. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

Solution(s)
debian-upgrade-linux

References
https://attackerkb.com/topics/cve-2020-36779
CVE - 2020-36779
-
Huawei EulerOS: CVE-2024-21886: xorg-x11-server security update
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 02/28/2024
Created: 06/01/2024
Added: 05/31/2024
Modified: 05/31/2024

Description
A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments.

Solution(s)
huawei-euleros-2_0_sp12-upgrade-xorg-x11-server-help

References
https://attackerkb.com/topics/cve-2024-21886
CVE - 2024-21886
EulerOS-SA-2024-1781
-
Huawei EulerOS: CVE-2021-47013: kernel security update
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 02/28/2024
Created: 05/10/2024
Added: 05/13/2024
Modified: 01/30/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send

In emac_mac_tx_buf_send, it calls emac_tx_fill_tpd(..,skb,..). If some error happens in emac_tx_fill_tpd(), the skb will be freed via dev_kfree_skb(skb) in error branch of emac_tx_fill_tpd(). But the freed skb is still used via skb->len by netdev_sent_queue(,skb->len).

As I observed that emac_tx_fill_tpd() haven't modified the value of skb->len, thus my patch assigns skb->len to 'len' before the possible free and use 'len' instead of skb->len later.

Solution(s)
huawei-euleros-2_0_sp10-upgrade-kernel
huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists
huawei-euleros-2_0_sp10-upgrade-kernel-tools
huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs
huawei-euleros-2_0_sp10-upgrade-python3-perf

References
https://attackerkb.com/topics/cve-2021-47013
CVE - 2021-47013
EulerOS-SA-2024-1570
-
Oracle Linux: CVE-2021-46984: ELSA-2024-7000: kernel security update (IMPORTANT) (Multiple Advisories)
Severity: 6
CVSS: (AV:L/AC:L/Au:M/C:C/I:N/A:C)
Published: 02/28/2024
Created: 10/18/2024
Added: 10/16/2024
Modified: 12/10/2024

Description
In the Linux kernel, the following vulnerability has been resolved:

kyber: fix out of bounds access when preempted

__blk_mq_sched_bio_merge() gets the ctx and hctx for the current CPU and passes the hctx to ->bio_merge(). kyber_bio_merge() then gets the ctx for the current CPU again and uses that to get the corresponding Kyber context in the passed hctx. However, the thread may be preempted between the two calls to blk_mq_get_ctx(), and the ctx returned the second time may no longer correspond to the passed hctx. This "works" accidentally most of the time, but it can cause us to read garbage if the second ctx came from an hctx with more ctx's than the first one (i.e., if ctx->index_hw[hctx->type] > hctx->nr_ctx).

This manifested as this UBSAN array index out of bounds error reported by Jakub:

    UBSAN: array-index-out-of-bounds in ../kernel/locking/qspinlock.c:130:9
    index 13106 is out of range for type 'long unsigned int [128]'
    Call Trace:
     dump_stack+0xa4/0xe5
     ubsan_epilogue+0x5/0x40
     __ubsan_handle_out_of_bounds.cold.13+0x2a/0x34
     queued_spin_lock_slowpath+0x476/0x480
     do_raw_spin_lock+0x1c2/0x1d0
     kyber_bio_merge+0x112/0x180
     blk_mq_submit_bio+0x1f5/0x1100
     submit_bio_noacct+0x7b0/0x870
     submit_bio+0xc2/0x3a0
     btrfs_map_bio+0x4f0/0x9d0
     btrfs_submit_data_bio+0x24e/0x310
     submit_one_bio+0x7f/0xb0
     submit_extent_page+0xc4/0x440
     __extent_writepage_io+0x2b8/0x5e0
     __extent_writepage+0x28d/0x6e0
     extent_write_cache_pages+0x4d7/0x7a0
     extent_writepages+0xa2/0x110
     do_writepages+0x8f/0x180
     __writeback_single_inode+0x99/0x7f0
     writeback_sb_inodes+0x34e/0x790
     __writeback_inodes_wb+0x9e/0x120
     wb_writeback+0x4d2/0x660
     wb_workfn+0x64d/0xa10
     process_one_work+0x53a/0xa80
     worker_thread+0x69/0x5b0
     kthread+0x20b/0x240
     ret_from_fork+0x1f/0x30

Only Kyber uses the hctx, so fix it by passing the request_queue to ->bio_merge() instead. BFQ and mq-deadline just use that, and Kyber can map the queues itself to avoid the mismatch.

Solution(s)
oracle-linux-upgrade-kernel

References
https://attackerkb.com/topics/cve-2021-46984
CVE - 2021-46984
ELSA-2024-7000
-
Debian: CVE-2021-47032: linux -- security update
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 02/28/2024
Created: 07/31/2024
Added: 07/30/2024
Modified: 01/28/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

mt76: mt7915: fix tx skb dma unmap

The first pointer in the txp needs to be unmapped as well, otherwise it will leak DMA mapping entries

Solution(s)
debian-upgrade-linux

References
https://attackerkb.com/topics/cve-2021-47032
CVE - 2021-47032
-
Ubuntu: (CVE-2021-46956): linux vulnerability
Severity: 5
CVSS: (AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published: 02/27/2024
Created: 11/21/2024
Added: 11/19/2024
Modified: 02/11/2025

Description
In the Linux kernel, the following vulnerability has been resolved:

virtiofs: fix memory leak in virtio_fs_probe()

When accidentally passing twice the same tag to qemu, kmemleak ended up reporting a memory leak in virtiofs. Also, looking at the log I saw the following error (that's when I realised the duplicated tag):

    virtiofs: probe of virtio5 failed with error -17

Here's the kmemleak log for reference:

    unreferenced object 0xffff888103d47800 (size 1024):
      comm "systemd-udevd", pid 118, jiffies 4294893780 (age 18.340s)
      hex dump (first 32 bytes):
        00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00  .....N..........
        ff ff ff ff ff ff ff ff 80 90 02 a0 ff ff ff ff  ................
      backtrace:
        [<000000000ebb87c1>] virtio_fs_probe+0x171/0x7ae [virtiofs]
        [<00000000f8aca419>] virtio_dev_probe+0x15f/0x210
        [<000000004d6baf3c>] really_probe+0xea/0x430
        [<00000000a6ceeac8>] device_driver_attach+0xa8/0xb0
        [<00000000196f47a7>] __driver_attach+0x98/0x140
        [<000000000b20601d>] bus_for_each_dev+0x7b/0xc0
        [<00000000399c7b7f>] bus_add_driver+0x11b/0x1f0
        [<0000000032b09ba7>] driver_register+0x8f/0xe0
        [<00000000cdd55998>] 0xffffffffa002c013
        [<000000000ea196a2>] do_one_initcall+0x64/0x2e0
        [<0000000008f727ce>] do_init_module+0x5c/0x260
        [<000000003cdedab6>] __do_sys_finit_module+0xb5/0x120
        [<00000000ad2f48c6>] do_syscall_64+0x33/0x40
        [<00000000809526b5>] entry_SYSCALL_64_after_hwframe+0x44/0xae

Solution(s)
ubuntu-upgrade-linux
ubuntu-upgrade-linux-aws
ubuntu-upgrade-linux-aws-5-4
ubuntu-upgrade-linux-aws-fips
ubuntu-upgrade-linux-azure
ubuntu-upgrade-linux-azure-5-4
ubuntu-upgrade-linux-azure-fips
ubuntu-upgrade-linux-bluefield
ubuntu-upgrade-linux-fips
ubuntu-upgrade-linux-gcp
ubuntu-upgrade-linux-gcp-5-4
ubuntu-upgrade-linux-gcp-fips
ubuntu-upgrade-linux-gkeop
ubuntu-upgrade-linux-hwe-5-4
ubuntu-upgrade-linux-kvm
ubuntu-upgrade-linux-oracle
ubuntu-upgrade-linux-oracle-5-4
ubuntu-upgrade-linux-raspi
ubuntu-upgrade-linux-raspi-5-4

References
https://attackerkb.com/topics/cve-2021-46956
CVE - 2021-46956
https://git.kernel.org/linus/c79c5e0178922a9e092ec8fed026750f39dcaef4
https://git.kernel.org/stable/c/310efc95c72c13faf855c692d19cd4d054d827c8
https://git.kernel.org/stable/c/5116e79fc6e6725b8acdad8b7e928a83ab7b47e6
https://git.kernel.org/stable/c/9b9d60c0eb8ada99cce2a9ab5c15dffc523b01ae
https://git.kernel.org/stable/c/c79c5e0178922a9e092ec8fed026750f39dcaef4
https://git.kernel.org/stable/c/d19555ff225d0896a33246a49279e6d578095f15
https://www.cve.org/CVERecord?id=CVE-2021-46956
-
SUSE: CVE-2023-46809: SUSE Linux Security Advisory
Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 02/28/2024
Created: 03/01/2024
Added: 02/29/2024
Modified: 03/05/2024

Description
This CVE is addressed in the SUSE advisories SUSE-SU-2024:0643-1, SUSE-SU-2024:0644-1, SUSE-SU-2024:0728-1, SUSE-SU-2024:0729-1, SUSE-SU-2024:0730-1, SUSE-SU-2024:0731-1, SUSE-SU-2024:0732-1, SUSE-SU-2024:0733-1, CVE-2023-46809.

Solution(s)
suse-upgrade-corepack18
suse-upgrade-corepack20
suse-upgrade-nodejs12
suse-upgrade-nodejs12-devel
suse-upgrade-nodejs12-docs
suse-upgrade-nodejs14
suse-upgrade-nodejs14-devel
suse-upgrade-nodejs14-docs
suse-upgrade-nodejs16
suse-upgrade-nodejs16-devel
suse-upgrade-nodejs16-docs
suse-upgrade-nodejs18
suse-upgrade-nodejs18-devel
suse-upgrade-nodejs18-docs
suse-upgrade-nodejs20
suse-upgrade-nodejs20-devel
suse-upgrade-nodejs20-docs
suse-upgrade-npm12
suse-upgrade-npm14
suse-upgrade-npm16
suse-upgrade-npm18
suse-upgrade-npm20

References
https://attackerkb.com/topics/cve-2023-46809
CVE - 2023-46809
SUSE-SU-2024:0643-1
SUSE-SU-2024:0644-1
SUSE-SU-2024:0728-1
SUSE-SU-2024:0729-1
SUSE-SU-2024:0730-1
SUSE-SU-2024:0731-1
SUSE-SU-2024:0732-1
SUSE-SU-2024:0733-1