Showing 1 - 5 of 5

CVE-2023-52566

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails. If the reference count hits 0 and its owner page gets unlocked, bh may be freed. However, bh->b_page is dereferenced to put the page after that, which may result in a use-after-free bug. This patch moves the release operation after unlocking and putting the page. NOTE: The function in question is only called in GC, and in combination with current userland tools, address translation using DAT does not occur in that function, so the code path that causes this issue will not be executed. However, it is possible to run that code path by intentionally modifying the userland GC library or by calling the GC ioctl directly. [konishi.ryusuke@gmail.com: NOTE added to the commit log]

Related Files

Ubuntu Security Notice USN-6777-4: Posted May 23, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6777-4 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-46981, CVE-2023-47233, CVE-2023-52530, CVE-2023-52566, CVE-2023-52602, CVE-2023-52604, CVE-2024-26635, CVE-2024-26735, CVE-2024-26805; SHA-256 | 1ddb7b19b0860afc6380f043e7df1dbadf439c03cab8f2cbfee5d3481b830488; Download | Favorite | View

Ubuntu Security Notice USN-6777-3: Posted May 22, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6777-3 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-46981, CVE-2023-47233, CVE-2023-52530, CVE-2023-52566, CVE-2023-52602, CVE-2023-52604, CVE-2024-26635, CVE-2024-26735, CVE-2024-26805; SHA-256 | 0a4ec1b5cdab50af1d45a8024a5c8ea07e1e81310889905d0a681372aa96f76c; Download | Favorite | View

Ubuntu Security Notice USN-6777-2: Posted May 20, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6777-2 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-46981, CVE-2023-47233, CVE-2023-52530, CVE-2023-52566, CVE-2023-52602, CVE-2023-52604, CVE-2024-26635, CVE-2024-26735, CVE-2024-26805; SHA-256 | 72271efbeb2c8c72f119354b488d9c7dc86b9ccf7e2897aab881ff2261d7b673; Download | Favorite | View

Ubuntu Security Notice USN-6778-1: Posted May 17, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6778-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-46939, CVE-2023-47233, CVE-2023-52524, CVE-2023-52566, CVE-2023-52602, CVE-2024-26614, CVE-2024-26801; SHA-256 | 5a2b8f3e7c01bf9c18ee07e2832ea0ee3f8ecf967fad1e117b272bd91c9ddf00; Download | Favorite | View

Ubuntu Security Notice USN-6777-1: Posted May 17, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6777-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel; systems | linux, ubuntu; advisories | CVE-2021-46981, CVE-2023-47233, CVE-2023-52530, CVE-2023-52566, CVE-2023-52602, CVE-2023-52604, CVE-2024-26635, CVE-2024-26735, CVE-2024-26805; SHA-256 | b8c50fe87a65aab78fee16a7a2e72919e82b274a3499976383ee5ba67e9b0de8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 190 files
Ubuntu 91 files
Gentoo 28 files
Debian 21 files
tmrswrr 9 files
Sina Kheirkhah 7 files
bRpsd 4 files
Amit Roy 4 files
nu11secur1ty 3 files
Aslam Anwar Mahimkar 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,075)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,528)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,258)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,199)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,639)
UNIX (9,424)
UnixWare (187)
Windows (6,665)
Other

CVE-2023-52566

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems