In the Linux kernel, the following vulnerability has been resolved:
ublk: santizize the arguments from userspace when adding a device
Sanity check the values for queue depth and number of queues
we
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings
Userspace can either deliberately pass in the too sma
In the Linux kernel, the following vulnerability has been resolved:
block: ublk: make sure that block size is set correctly
block size is one very key setting for block layer, and bad block size
cou
In the Linux kernel, the following vulnerability has been resolved:
block: ublk: extending queue_size to fix overflow
When validating drafted SPDK ublk target, in a case that
assigning large queue d
In the Linux kernel, the following vulnerability has been resolved:
selinux: Add boundary check in put_entry()
Just like next_entry(), boundary check is necessary to prevent memory
out-of-bound acce
In the Linux kernel, the following vulnerability has been resolved:
scsi: smartpqi: Correct device removal for multi-actuator devices
Correct device count for multi-actuator drives which can cause k
In the Linux kernel, the following vulnerability has been resolved:
ublk: don't allow user copy for unprivileged device
UBLK_F_USER_COPY requires userspace to call write() on ublk char
device for fi
In the Linux kernel, the following vulnerability has been resolved:
mISDN: fix misuse of put_device() in mISDN_register_device()
We should not release reference by put_device() before calling device
In the Linux kernel, the following vulnerability has been resolved:
x86/sgx: Add overflow check in sgx_validate_offset_length()
sgx_validate_offset_length() function verifies "offset" and "length"
a
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix possible memory leak in smb2_lock()
argv needs to be free when setup_async_work fails or when the current
process is wo
In the Linux kernel, the following vulnerability has been resolved:
ublk: fail to recover device if queue setup is interrupted
In ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is
In the Linux kernel, the following vulnerability has been resolved:
scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
Sanitize possible addl_desc_ptr out-of-bounds accesses in
ses_enclosu
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: add bounds check for create lease context
Add missing bounds check for create lease context.
In the Linux kernel, the following vulnerability has been resolved:
nsfs: tighten permission checks for ns iteration ioctls
Even privileged services should not necessarily be able to see other
privi
In the Linux kernel, the following vulnerability has been resolved:
io_uring: check for overflows in io_pin_pages
WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring
In the Linux kernel, the following vulnerability has been resolved:
spi: topcliff-pch: fix use-after-free on unbind
Give the driver a chance to flush its queue before releasing the DMA
buffers on dr
In the Linux kernel, the following vulnerability has been resolved:
IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
Fix a user triggerable leak on the system call failure path.
In the Linux kernel, the following vulnerability has been resolved:
ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd
struct ublksrv_ctrl_cmd is part of the io_uring_sqe, which may lie in
usersp
In the Linux kernel, the following vulnerability has been resolved:
net: netconsole: fix wrong warning
A warning is triggered when there is insufficient space in the buffer
for userdata. However, th
In the Linux kernel, the following vulnerability has been resolved:
crypto: qat - add param check for DH
Reject requests with a source buffer that is bigger than the size of the
key. This is to prev
Page 1+ Next →