[Kernel-packages] [Bug 1991142] Re: UAF bug caused by rose_t0timer_expiry

** Changed in: linux (Ubuntu) Status: In Progress => Fix Released ** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Released ** Changed in: linux (Ubuntu Focal) Status: In Progress => Fix Released ** Changed in: linux (Ubuntu Jammy) Status: In Progress =

[Kernel-packages] [Bug 2083312] Re: linux-libc-dev package has vulnerabilities

Since February 2024, Linux Kernel CVEs have been assigned and published by people at kernel.org. Their understanding of a CVE sadly differs from the commonly accepted CVE standards, especially regarding selection criteria, vulnerability descriptions, and severity evaluation. Due to this policy an

[Kernel-packages] [Bug 2080555] Re: ubunutu 20 has many vulnerability for the package linux-aws-5.15

Hello Varun, Thank you for your report. Since February 2024, Linux Kernel CVEs have been assigned and published by people at kernel.org. Their understanding of a CVE sadly differs from the commonly accepted CVE standards, especially regarding selection criteria, vulnerability descriptions, and s

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

** Changed in: linux-oem-5.17 (Ubuntu) Status: In Progress => Fix Committed ** Changed in: linux-oem-5.17 (Ubuntu) Status: Fix Committed => Fix Released ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** Changed in: linux (Ubuntu) Status: Fi

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

** Changed in: linux (Ubuntu) Status: Incomplete => Fix Committed ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Assignee: (unassigned) => Cengiz Can (cengizcan) -- You received this bug notification because you are a member

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2017013 Title: net: sched: Fix use after free in red_enque

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

ux-oem (Ubuntu) Assignee: (unassigned) => Cengiz Can (cengizcan) ** Package changed: linux-oem (Ubuntu) => linux-oem-5.17 (Ubuntu) ** Also affects: linux-oem-5.14 (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-oem-5.14 (Ubuntu) Status: New => In Progress

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

** Description changed: + [Impact] We can't use "skb" again after passing it to qdisc_enqueue(). This is basically identical to commit 2f09707 ("sch_sfb: Also store skb len before calling child enqueue"). Fixes: d7f4f33 ("sch_red: update backlog as well") + + [Fix] + Cherry picked fro

[Kernel-packages] [Bug 2017013] Re: net: sched: Fix use after free in red_enqueue()

** Changed in: linux (Ubuntu) Assignee: Cengiz Can (cengizcan) => (unassigned) ** CVE removed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3586 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. ht

[Kernel-packages] [Bug 2017013] [NEW] net: sched: Fix use after free in red_enqueue()

cts: linux (Ubuntu) Importance: Undecided Status: Incomplete ** Affects: linux (Ubuntu Xenial) Importance: High Assignee: Cengiz Can (cengizcan) Status: In Progress ** Package changed: linux-azure (Ubuntu) => linux (Ubuntu) ** Also affects: linux (Ubuntu Xenial) Im

[Kernel-packages] [Bug 1991142] Re: UAF bug caused by rose_t0timer_expiry

This fix landed on upstream with 148ca04518070910739dfc4eeda765057856403d -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1991142 Title: UAF bug caused by rose_t0timer_expiry Status in l

[Kernel-packages] [Bug 1991142] [NEW] UAF bug caused by rose_t0timer_expiry

exit_to_user_mode_prepare+0x4e/0x80 syscall_exit_to_user_mode+0x20/0x40 do_syscall_64+0x4f/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0 ** Affects: linux (Ubuntu) Importance: High Assignee: Cengiz Can (cengizcan) Status: In Progress ** Affects: linux (Ubuntu Xenial

[Kernel-packages] [Bug 1990690] Re: Users belonging to video group may trigger a deadlock WARN

** Description changed: [Impact] - One of the fixing commits for CVE-2021-33655, commit 159a96b199b4 + One of the fixing commits for CVE-2021-33655, commit 159a96b199b4 ("fbcon: Prevent that screen size is smaller than font size") introduced - a redundant lock_fb_info line into the ioctl flow

[Kernel-packages] [Bug 1990690] Re: Users belonging to video group may trigger a deadlock WARN

** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Cengiz Can (cengizcan) ** Changed in: linux (Ubuntu) Assignee: Cengiz Can (cengizcan) => (unassigned) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to li

[Kernel-packages] [Bug 1990690] [NEW] Users belonging to video group may trigger a deadlock WARN

s] There are no new potential regressions. ** Affects: linux (Ubuntu) Importance: Undecided Status: Invalid ** Affects: linux (Ubuntu Bionic) Importance: Medium Assignee: Cengiz Can (cengizcan) Status: In Progress ** Changed in: linux (Ubuntu) Assignee: (unassig

[Kernel-packages] [Bug 1975804] Re: [SRU][OEM-5.14/OEM-5.17/J][PATCH 0/2] Fix system hangs after s2idle on AMD A+A GPU

** Description changed: [Impact] - Sytesm may hang after s2idle on AMD A+A GPU config due to the following + System may hang after s2idle on AMD A+A GPU config due to the following commits: 8b328c64c7082278c888927f00e526786eec2880 ("drm/amdgpu: don't use BACO for reset in S3") https://bugs