Potential deadlock when lazytime-enabled mounted ploop is running on top of a fuse-based vStorage.
There is a possible deadlock if a lazytime-enabled mounted ploop is running on top of vStorage. This tweak provides the ability to disable default lazytime mount option for ext4 mounts. For technical reasons this tweak is united with the oom_dump_tasks sysctl. You should use this sysctl in the following way: "echo 0 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default and oom tasks dumping; "echo 1 > /proc/sys/vm/oom_dump_tasks" - disable lazytime default, enable oom tasks dumping; "echo 2 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default, disable oom tasks dumping; "echo 3 > /proc/sys/vm/oom_dump_tasks" - enable lazytime default and oom tasks dumping.
netfilter: nf_tables: NULL pointer access in chain filter.
NULL pointer accsess in nf_tables chain filter leads to node crash.
Reading data from partially written XFS file block.
A data leak flaw was found in XFS filesystem. An attacker could use this flaw to read deleted data.
Use after free for file descriptor table for vmwgfx
use-after-free flaw was found in the Linux kernel’s vmw_execbuf_copy_fence_user function in vmwgfx. This flaw allows a local attacker with user privileges to cause a privilege escalation problem.
Kernel buffers data leak or race in intel GPU driver.
Incorrect GPU cache flush may allow access to system memory and run malicious code on GPU.
Potential ARP DoS for containers in host-routed network mode.
nfs: Excess dput in __put_nfs_open_context leads to a crash.
There is double dput in nfs_prime_dcache(). Because of this excess dput we get a crash in __put_nfs_open_context().
Use-after-free in the netfilter subsystem.
The bug allows to initialize a non-stateful lookup expressions which points to a not properly detached set, which might lead to UAF. Potetntially it leads to privilege escalation.
CPU hotplug leads to a VM crash on AMD processors with PCID.
Potential privilege escalation when setting the release_agent.
Setting release_agent could potentially lead to privilege escalation from unprivileged users inside a container to the container root. It couldn't be exploited to escape containers.
Potential use-after-free in the 'recv' operation of UNIX domain sockets.
Race condition between the garbage collector and the 'recv' operation with MSG_PEEK flag was found in the implementation of UNIX domain sockets. It could result in use-after-free and could potentially allow a local attacker to escalate their privileges in the system.
Read-after-free in garbage collection for Unix domain socket file handlers.
Use-after-free in RDMA listen().
A hole in vstorage FUSE synchronization protocol leading to unsynchronized chunks.
ms/xfrm: fix crash in XFRM_MSG_GETSA netlink handler