CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56787 – soc: imx8m: Probe the SoC driver as platform driver
https://notcve.org/view.php?id=CVE-2024-56787
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as platform driver With driver_async_probe=* on kernel command line, the following trace is produced because on i.MX8M Plus hardware because the soc-imx8m.c driver calls of_clk_get_by_name() which returns -EPROBE_DEFER because the clock driver is not yet probed. This was not detected during regular testing without driver_async_probe. Convert the SoC code to platform driver and instantiate a platform device i... • https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2024-56786 – bpf: put bpf_link's program when link is safe to be deallocated
https://notcve.org/view.php?id=CVE-2024-56786
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considered to be reachable through attach hook -> link -> prog chain, and, pessimistically, we have to assume that as long as link's memory is not safe to free, attach hook's code might hold a pointer to BPF program and use it. As such, it's not (generally) correct to put link's program early before waiting for RCU GPs to ... • https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b •
CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2024-56785 – MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a
https://notcve.org/view.php?id=CVE-2024-56785
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a Fix the dtc warnings: arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips... • https://git.kernel.org/stable/c/5a2eaa3ad2b803c7ea442c6db7379466ee73c024 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2024-56784 – drm/amd/display: Adding array index check to prevent memory corruption
https://notcve.org/view.php?id=CVE-2024-56784
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound. • https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2024-56782 – ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
https://notcve.org/view.php?id=CVE-2024-56782
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() acpi_dev_hid_match() does not check for adev == NULL, dereferencing it unconditional. Add a check for adev being NULL before calling acpi_dev_hid_match(). At the moment acpi_quirk_skip_serdev_enumeration() is never called with a controller_parent without an ACPI companion, but better safe than sorry. • https://git.kernel.org/stable/c/e173bce05f7032a8b4964cfef82a4b7668f5f3af •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2024-56781 – powerpc/prom_init: Fixup missing powermac #size-cells
https://notcve.org/view.php?id=CVE-2024-56781
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/prom_init: Fixup missing powermac #size-cells On some powermacs `escc` nodes are missing `#size-cells` properties, which is deprecated and now triggers a warning at boot since commit 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling"). For example: Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000 WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108 Hardware name: PowerMac3,... • https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7 •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2024-56779 – nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
https://notcve.org/view.php?id=CVE-2024-56779
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action attempts to open a file, it can potentially send two rpc_task to nfs server. NFS CLIENT thread1 thread2 open("file") ... nfs4_do_open _nfs4_do_open _nfs4_open_and_get_state _nfs4_proc_open nfs4_run_open_task /* rpc_t... • https://git.kernel.org/stable/c/a85364f0d30dee01c5d5b4afa55a9629a8f36d8e •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56778 – drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56778
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56777 – drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56777
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56776 – drm/sti: avoid potential dereference of error pointers
https://notcve.org/view.php?id=CVE-2024-56776
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •