CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49035 – media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
https://notcve.org/view.php?id=CVE-2022-49035
02 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. • https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56756 – nvme-pci: fix freeing of the HMB descriptor table
https://notcve.org/view.php?id=CVE-2024-56756
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the loop earlier on memory allocation failure and end up using less descriptors than planned for, which leads to an incorrect size passed to dma_free_coherent. In practice this was not showing up because the number of descriptors tends ... • https://git.kernel.org/stable/c/87ad72a59a38d1df217cfd95bc222a2edfe5d399 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56755 – netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
https://notcve.org/view.php?id=CVE-2024-56755
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between the bit-clearing operation and the wake-up operation. This may cause a situation where, after a wake-up, the bit-clearing operation hasn't been detected yet, leading to an indefinite wait. The triggering process is as follows: [cookie1] [cookie2] [volume_work] fscache_perf... • https://git.kernel.org/stable/c/bfa22da3ed652aa15acd4246fa13a0de6dbe4a59 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56754 – crypto: caam - Fix the pointer passed to caam_qi_shutdown()
https://notcve.org/view.php?id=CVE-2024-56754
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct device *". Pass the correct parameter to devm_add_action_or_reset() so that the resources are released as expected. • https://git.kernel.org/stable/c/f414de2e2fffd89c8a4e5b5e06b0eba5f9d8b1eb •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56753 – drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module
https://notcve.org/view.php?id=CVE-2024-56753
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/gfx9: Add Cleaner Shader Deinitialization in gfx_v9_0 Module This commit addresses an omission in the previous patch related to the cleaner shader support for GFX9 hardware. Specifically, it adds the necessary deinitialization code for the cleaner shader in the gfx_v9_0_sw_fini function. The added line amdgpu_gfx_cleaner_shader_sw_fini(adev); ensures that any allocated resources for the cleaner shader are freed correctly, avoi... • https://git.kernel.org/stable/c/c2e70d307f4491ff970208a41cce84c95771f340 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56752 – drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new()
https://notcve.org/view.php?id=CVE-2024-56752
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() When the call to gf100_grctx_generate() fails, unlock gr->fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c:480 gf100_gr_chan_new() warn: inconsistent returns '&gr->fecs.mutex'. • https://git.kernel.org/stable/c/ca081fff6ecc63c86a99918230cc9b947bebae8a •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56751 – ipv6: release nexthop on device removal
https://notcve.org/view.php?id=CVE-2024-56751
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6 ref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at dst_init+0x84/0x4a0 dst_alloc+0x97/0x150 ip6_dst_alloc+0x23/0x90 ip6_rt_pcpu_alloc+0x1e6/0x520 ip6_pol_route+0x56f/0x840 fib6_rule_lookup+0x334/0x630 ip6_route_output_flags... • https://git.kernel.org/stable/c/f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56750 – erofs: fix blksize < PAGE_SIZE for file-backed mounts
https://notcve.org/view.php?id=CVE-2024-56750
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: erofs: fix blksize < PAGE_SIZE for file-backed mounts Adjust sb->s_blocksize{,_bits} directly for file-backed mounts when the fs block size is smaller than PAGE_SIZE. Previously, EROFS used sb_set_blocksize(), which caused a panic if bdev-backed mounts is not used. • https://git.kernel.org/stable/c/fb176750266a3d7f42ebdcf28e8ba40350b27847 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56749 – dlm: fix dlm_recover_members refcount on error
https://notcve.org/view.php?id=CVE-2024-56749
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: dlm: fix dlm_recover_members refcount on error If dlm_recover_members() fails we don't drop the references of the previous created root_list that holds and keep all rsbs alive during the recovery. It might be not an unlikely event because ping_members() could run into an -EINTR if another recovery progress was triggered again. • https://git.kernel.org/stable/c/3a747f4a2ee85d51b905e2df940de4a924f8060a •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56748 – scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
https://notcve.org/view.php?id=CVE-2024-56748
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). • https://git.kernel.org/stable/c/61d8658b4a435eac729966cc94cdda077a8df5cd •