exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2024-26654

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard->timer could schedule the spu_dma_work and the spu_dma_work could also arm the dreamcastcard->timer. When the snd_pcm_substream is closing, the aica_channel will be deallocated. But it could still be dereferenced in the worker thread. The reason is that del_timer() will return directly regardless of whether the timer handler is running or not and the worker could be rescheduled in the timer handler. As a result, the UAF bug will happen. The racy situation is shown below: (Thread 1) | (Thread 2) snd_aicapcm_pcm_close() | ... | run_spu_dma() //worker | mod_timer() flush_work() | del_timer() | aica_period_elapsed() //timer kfree(dreamcastcard->channel) | schedule_work() | run_spu_dma() //worker ... | dreamcastcard->channel-> //USE In order to mitigate this bug and other possible corner cases, call mod_timer() conditionally in run_spu_dma(), then implement PCM sync_stop op to cancel both the timer and worker. The sync_stop op will be called from PCM core appropriately when needed.

Related Files

Ubuntu Security Notice USN-6972-4
Posted Aug 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6972-4 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-52470, CVE-2023-52760, CVE-2023-52806, CVE-2024-22099, CVE-2024-24860, CVE-2024-26600, CVE-2024-26654, CVE-2024-35835, CVE-2024-36901, CVE-2024-36940, CVE-2024-39292
SHA-256 | d6b50c131f18f6b9b7c0f2300ad92a70f2206c0991d489417cdd16254ef44e85
Ubuntu Security Notice USN-6972-3
Posted Aug 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6972-3 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-52470, CVE-2023-52760, CVE-2023-52806, CVE-2024-22099, CVE-2024-24860, CVE-2024-26600, CVE-2024-26654, CVE-2024-35835, CVE-2024-36901, CVE-2024-36940, CVE-2024-39292
SHA-256 | 3851e01a35e3009f6057ef8b82450d14866f3831ab11b59ea760316705789735
Ubuntu Security Notice USN-6972-2
Posted Aug 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6972-2 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-52470, CVE-2023-52760, CVE-2023-52806, CVE-2024-22099, CVE-2024-24860, CVE-2024-26600, CVE-2024-26654, CVE-2024-35835, CVE-2024-36901, CVE-2024-36940, CVE-2024-39292
SHA-256 | acaa7aeb3c375a4913a07e5d0aa74402fb2d43b16512470a070fadc35ed53462
Ubuntu Security Notice USN-6976-1
Posted Aug 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6976-1 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2021-46904, CVE-2021-47171, CVE-2021-47173, CVE-2021-47518, CVE-2021-47571, CVE-2022-48659, CVE-2023-52470, CVE-2023-52644, CVE-2023-52760, CVE-2024-22099, CVE-2024-24860, CVE-2024-26654, CVE-2024-26687, CVE-2024-26903
SHA-256 | 05b1dd718bcd1e6c1a1d60a1aa46ca6c1f9381e6b519d89cafc379f7b4ae0c4a
Ubuntu Security Notice USN-6972-1
Posted Aug 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6972-1 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-52470, CVE-2023-52760, CVE-2023-52806, CVE-2024-22099, CVE-2024-24860, CVE-2024-26600, CVE-2024-26654, CVE-2024-35835, CVE-2024-36901, CVE-2024-36940, CVE-2024-39292
SHA-256 | 7044bddad2c32a2e95843e009e31f1f4c2072c24a8eedbaf8408e0060bfface0
Ubuntu Security Notice USN-6927-1
Posted Jul 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6927-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52488, CVE-2023-52699, CVE-2023-52752, CVE-2024-23307, CVE-2024-24858, CVE-2024-24861, CVE-2024-25739, CVE-2024-25742, CVE-2024-26629, CVE-2024-26642, CVE-2024-26643, CVE-2024-26654, CVE-2024-26812
SHA-256 | 2b7f49f8df6cecee55ce10c9b9148f1a8b33c065e92cc3573f8b05797c10f13a
Ubuntu Security Notice USN-6917-1
Posted Jul 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6917-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52488, CVE-2023-52699, CVE-2023-52880, CVE-2024-23307, CVE-2024-24859, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26810, CVE-2024-26811
SHA-256 | 251746e4365add72c09071f34c8d71ce2bf736d76955b282b86efbf8b71bd9f6
Ubuntu Security Notice USN-6898-4
Posted Jul 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-4 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26654, CVE-2024-26687, CVE-2024-26811, CVE-2024-26812, CVE-2024-26814, CVE-2024-26828, CVE-2024-26922, CVE-2024-26925
SHA-256 | 8b053de7161b766a9cba5511fe20d03faf97b54bcfcc24fb43aa58677af61c15
Ubuntu Security Notice USN-6898-3
Posted Jul 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-3 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52488, CVE-2023-52699, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26642, CVE-2024-26654, CVE-2024-26811, CVE-2024-26812, CVE-2024-26813, CVE-2024-26814
SHA-256 | 9d8578e4d65e6a905377c4eafbc6560f359e3400f28ae0a9eb49ebc1093b3b26
Ubuntu Security Notice USN-6898-2
Posted Jul 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-2 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26629, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26812, CVE-2024-26813, CVE-2024-26817, CVE-2024-26828, CVE-2024-26926
SHA-256 | 0ab8434a912c1a37f7ce3d27489ffab441a7e52cdc71e41d0a0713946e958fbe
Ubuntu Security Notice USN-6898-1
Posted Jul 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6898-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52880, CVE-2024-23307, CVE-2024-24861, CVE-2024-25739, CVE-2024-26642, CVE-2024-26654, CVE-2024-26687, CVE-2024-26812, CVE-2024-26813, CVE-2024-26828, CVE-2024-26923, CVE-2024-26926, CVE-2024-26934
SHA-256 | ee181d7c57544b38471cdfdd8a2ee4fb18baf1502aad94b568edad8babad667d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close