exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2024-35852

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended. Otherwise, it is rescheduled immediately. After "mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash" the above is no longer accurate as a non-negative number of credits is no longer indicative of the migration being done. It can also happen if the work encountered an error in which case the migration will resume the next time the work is scheduled. The significance of the above is that it is possible for the work to be pending and associated with hints that were allocated when the migration started. This leads to the hints being leaked [1] when the work is canceled while pending as part of ACL region dismantle. Fix by freeing the hints if hints are associated with a work that was canceled while pending. Blame the original commit since the reliance on not having a pending work associated with hints is fragile. [1] unreferenced object 0xffff88810e7c3000 (size 256): comm "kworker/0:16", pid 176, jiffies 4295460353 hex dump (first 32 bytes): 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a....... 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@........... backtrace (crc 2544ddb9): [<00000000cf8cfab3>] kmalloc_trace+0x23f/0x2a0 [<000000004d9a1ad9>] objagg_hints_get+0x42/0x390 [<000000000b143cf3>] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400 [<0000000059bdb60a>] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160 [<00000000e81fd734>] process_one_work+0x59c/0xf20 [<00000000ceee9e81>] worker_thread+0x799/0x12c0 [<00000000bda6fe39>] kthread+0x246/0x300 [<0000000070056d23>] ret_from_fork+0x34/0x70 [<00000000dea2b93e>] ret_from_fork_asm+0x1a/0x30

Related Files

Ubuntu Security Notice USN-6949-2
Posted Aug 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6949-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27398, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35856, CVE-2024-35858, CVE-2024-35859, CVE-2024-35949
SHA-256 | cd80fe22658722af52da15543cf446c4bb8a4031831b20aed105f0e174f6fe35
Ubuntu Security Notice USN-6952-2
Posted Aug 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6952-2 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858
SHA-256 | 2ec5b9718d9b9c02dfbc17231e580ae35883ce5fe7b5f347d0827492d4006ee2
Ubuntu Security Notice USN-6955-1
Posted Aug 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6955-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2023-52882, CVE-2024-27396, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35858, CVE-2024-35947, CVE-2024-35949, CVE-2024-35983
SHA-256 | f52294c61eaa6af90fd8451686e8bc506a5d1b65dae9073f40211e6668f02be8
Ubuntu Security Notice USN-6952-1
Posted Aug 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6952-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52882, CVE-2024-25742, CVE-2024-27394, CVE-2024-27395, CVE-2024-27396, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35849, CVE-2024-35852, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35858
SHA-256 | 4096317c1a9bde967a3c305817802b1b430dad31a7749285f4b9eebbdce233f9
Ubuntu Security Notice USN-6949-1
Posted Aug 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6949-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2023-52882, CVE-2024-27394, CVE-2024-27395, CVE-2024-27398, CVE-2024-27401, CVE-2024-35846, CVE-2024-35847, CVE-2024-35850, CVE-2024-35852, CVE-2024-35854, CVE-2024-35856, CVE-2024-35858, CVE-2024-35859, CVE-2024-35949
SHA-256 | 321410c5b4251ead308a6d0e8e636928b98e29f0e76f8570af6ff7cec4a63b09
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close