Showing 1 - 5 of 5

CVE-2024-35847

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. This happens because its_vpe_irq_domain_free() frees the interrupts along with the area bitmap and the vprop_page and its_vpe_irq_domain_alloc() subsequently frees the area bitmap and the vprop_page again. Fix this by unconditionally invoking its_vpe_irq_domain_free() which handles all cases correctly and by removing the bitmap/vprop_page freeing from its_vpe_irq_domain_alloc(). [ tglx: Massaged change log ]

Related Files

Ubuntu Security Notice USN-6949-2: Posted Aug 14, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6949-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27398, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35856, CVE-2024-35858, CVE-2024-35859, CVE-2024-35949; SHA-256 | cd80fe22658722af52da15543cf446c4bb8a4031831b20aed105f0e174f6fe35; Download | Favorite | View

Ubuntu Security Notice USN-6952-2: Posted Aug 14, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6952-2 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858; SHA-256 | 2ec5b9718d9b9c02dfbc17231e580ae35883ce5fe7b5f347d0827492d4006ee2; Download | Favorite | View

Ubuntu Security Notice USN-6955-1: Posted Aug 13, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6955-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-27396, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35858, CVE-2024-35947, CVE-2024-35949, CVE-2024-35983; SHA-256 | f52294c61eaa6af90fd8451686e8bc506a5d1b65dae9073f40211e6668f02be8; Download | Favorite | View

Ubuntu Security Notice USN-6952-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6952-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, arbitrary, kernel, local; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858; SHA-256 | 4096317c1a9bde967a3c305817802b1b430dad31a7749285f4b9eebbdce233f9; Download | Favorite | View

Ubuntu Security Notice USN-6949-1: Posted Aug 9, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6949-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, kernel; systems | linux, ubuntu; advisories | CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27398, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35856, CVE-2024-35858, CVE-2024-35859, CVE-2024-35949; SHA-256 | 321410c5b4251ead308a6d0e8e636928b98e29f0e76f8570af6ff7cec4a63b09; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 137 files
Ubuntu 73 files
Gentoo 33 files
Debian 28 files
Sebastian Hamann 8 files
Jann Horn 7 files
Moritz Abrell 6 files
Jaggar Henry 6 files
Google Security Research 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,945)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,659)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2024-35847

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems