Количество 21
Количество 21
CVE-2024-39501
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: drivers: core: synchronize really_probe() and dev_uevent()
CVE-2024-39501
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
GHSA-f269-fccg-h65r
In the Linux kernel, the following vulnerability has been resolved: drivers: core: synchronize really_probe() and dev_uevent() Synchronize the dev->driver usage in really_probe() and dev_uevent(). These can run in different threads, what can result in the following race condition for dev->driver uninitialization: Thread #1: ========== really_probe() { ... probe_failed: ... device_unbind_cleanup(dev) { ... dev->driver = NULL; // <= Failed probe sets dev->driver to NULL ... } ... } Thread #2: ========== dev_uevent() { ... if (dev->driver) // If dev->driver is NULLed from really_probe() from here on, // after above check, the system crashes add_uevent_var(env, "DRIVER=%s", dev->driver->name); ... } really_probe() holds the lock, already. So nothing needs to be done there. dev_uevent() is called with lock held, often, too. But not always. What implies that we can't add any locking in dev_uevent() itself. So fix this race by adding the lock to t...
BDU:2024-10919
Уязвимость компонента core ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20241205-02
Множественные уязвимости kernel-lt
ELSA-2024-12779
ELSA-2024-12779: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2024-12612
ELSA-2024-12612: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12610
ELSA-2024-12610: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2024:2892-1
Security update for the Linux Kernel
ELSA-2024-12618
ELSA-2024-12618: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2024-7000
ELSA-2024-7000: kernel security update (IMPORTANT)
RLSA-2024:7000
Important: kernel security update
SUSE-SU-2024:2940-1
Security update for the Linux Kernel
SUSE-SU-2024:2901-1
Security update for the Linux Kernel
SUSE-SU-2024:2947-1
Security update for the Linux Kernel
SUSE-SU-2024:2894-1
Security update for the Linux Kernel
SUSE-SU-2024:3195-1
Security update for the Linux Kernel
SUSE-SU-2024:3383-1
Security update for the Linux Kernel
SUSE-SU-2024:3194-1
Security update for the Linux Kernel
ELSA-2024-9315
ELSA-2024-9315: kernel security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-39501 [REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: drivers: core: synchronize really_probe() and dev_uevent() | CVSS3: 4.7 | 11 месяцев назад | |
 | CVE-2024-39501 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 11 месяцев назад | ||
| GHSA-f269-fccg-h65r In the Linux kernel, the following vulnerability has been resolved: drivers: core: synchronize really_probe() and dev_uevent() Synchronize the dev->driver usage in really_probe() and dev_uevent(). These can run in different threads, what can result in the following race condition for dev->driver uninitialization: Thread #1: ========== really_probe() { ... probe_failed: ... device_unbind_cleanup(dev) { ... dev->driver = NULL; // <= Failed probe sets dev->driver to NULL ... } ... } Thread #2: ========== dev_uevent() { ... if (dev->driver) // If dev->driver is NULLed from really_probe() from here on, // after above check, the system crashes add_uevent_var(env, "DRIVER=%s", dev->driver->name); ... } really_probe() holds the lock, already. So nothing needs to be done there. dev_uevent() is called with lock held, often, too. But not always. What implies that we can't add any locking in dev_uevent() itself. So fix this race by adding the lock to t... | 11 месяцев назад | ||
 | BDU:2024-10919 Уязвимость компонента core ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.5 | около 1 года назад | |
 | ROS-20241205-02 Множественные уязвимости kernel-lt | CVSS3: 8.8 | 7 месяцев назад | |
| ELSA-2024-12779 ELSA-2024-12779: Unbreakable Enterprise kernel security update (IMPORTANT) | 8 месяцев назад | ||
| ELSA-2024-12612 ELSA-2024-12612: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-12610 ELSA-2024-12610: Unbreakable Enterprise kernel security update (IMPORTANT) | 9 месяцев назад | ||
 | SUSE-SU-2024:2892-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| ELSA-2024-12618 ELSA-2024-12618: Unbreakable Enterprise kernel security update (IMPORTANT) | 9 месяцев назад | ||
| ELSA-2024-7000 ELSA-2024-7000: kernel security update (IMPORTANT) | 9 месяцев назад | ||
 | RLSA-2024:7000 Important: kernel security update | около 1 месяца назад | ||
| SUSE-SU-2024:2940-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2901-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2947-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2894-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:3195-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| SUSE-SU-2024:3383-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| SUSE-SU-2024:3194-1 Security update for the Linux Kernel | 9 месяцев назад | ||
| ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE) | 7 месяцев назад |
Уязвимостей на страницу