Showing 1 - 2 of 2

CVE-2024-38583

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-free issue and potential deadlock issue on unmount, and a potential freeze issue in event synchronization found during their analysis. Details are described in each commit log. This patch (of 3): A use-after-free issue has been reported regarding the timer sc_timer on the nilfs_sc_info structure. The problem is that even though it is used to wake up a sleeping log writer thread, sc_timer is not shut down until the nilfs_sc_info structure is about to be freed, and is used regardless of the thread's lifetime. Fix this issue by limiting the use of sc_timer only while the log writer thread is alive.

Related Files

Ubuntu Security Notice USN-7028-2: Posted Oct 18, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 7028-2 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-47188, CVE-2022-48863, CVE-2023-52809, CVE-2024-26651, CVE-2024-26677, CVE-2024-26851, CVE-2024-27437, CVE-2024-38570, CVE-2024-38583, CVE-2024-39480, CVE-2024-39495, CVE-2024-42224; SHA-256 | 98691b52dc361923ae789d46853b1631bac1471d52e1e8f5c5bf3183938d9021; Download | Favorite | View

Ubuntu Security Notice USN-7028-1: Posted Sep 23, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 7028-1 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.; tags | advisory, denial of service, kernel, local; systems | linux, ubuntu; advisories | CVE-2021-47188, CVE-2022-48863, CVE-2023-52809, CVE-2024-26651, CVE-2024-26677, CVE-2024-26851, CVE-2024-27437, CVE-2024-38570, CVE-2024-38583, CVE-2024-39480, CVE-2024-39495, CVE-2024-42224; SHA-256 | 7de5ce15aa6cad3ce493ec92fd8b9feaa278435231abe1f16c95487428745116; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 60 files
Debian 19 files
Gentoo 8 files
Apple 5 files
Google Security Research 4 files
Jann Horn 3 files
Spencer McIntyre 3 files
LiquidWorm 3 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2024-38583

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems