CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56769 – media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
https://notcve.org/view.php?id=CVE-2024-56769
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values. Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem. [1] Syzkaller report dvb-usb: bu... • https://git.kernel.org/stable/c/74340b0a8bc60b400c7e5fe4950303aa6f914d16 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56767 – dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
https://notcve.org/view.php?id=CVE-2024-56767
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: at_xdmac: evitar null_prt_deref en at_xdmac_prep_dma_memset El... • https://git.kernel.org/stable/c/b206d9a23ac71cb905f5fb6e0cd813406f89b678 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56763 – tracing: Prevent bad count for tracing_cpumask_write
https://notcve.org/view.php?id=CVE-2024-56763
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tracing: Evitar recuento incorrecto para tracing_cpumask_write Si se proporciona un recuento alto, se activará una advertencia en bitmap_parse_user. También verifique que esté a cero. In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/9e01c1b74c9531e301c900edaa92a99fcb7738f2 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56759 – btrfs: fix use-after-free when COWing tree bock and tracing is enabled
https://notcve.org/view.php?id=CVE-2024-56759
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled (CONFIG_PREEMPT=y), we can trigger a use-after-free in the COWed extent buffer while inside the tracepoint code. This is because in some paths that call btrfs_cow_block(), such as btrfs_search_slot(), we are holding the last referenc... • https://git.kernel.org/stable/c/c3a403d8ce36f5a809a492581de5ad17843e4701 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56757 – Bluetooth: btusb: mediatek: add intf release flow when usb disconnect
https://notcve.org/view.php?id=CVE-2024-56757
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect. Removing BT usb dongle without properly releasing the interface may cause Kernel panic while unregister hci device. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btusb: mediatek: agre... • https://git.kernel.org/stable/c/cc569d791ab2a0de74f76e470515d25d24c9b84b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49035 – media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
https://notcve.org/view.php?id=CVE-2022-49035
02 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. • https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56746 – fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
https://notcve.org/view.php?id=CVE-2024-56746
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead. In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() d... • https://git.kernel.org/stable/c/4a25e41831ee851c1365d8b41decc22493b18e6d •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56739 – rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
https://notcve.org/view.php?id=CVE-2024-56739
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup. In the Linux kernel, the fo... • https://git.kernel.org/stable/c/6610e0893b8bc6f59b14fed7f089c5997f035f88 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56722 – RDMA/hns: Fix cpu stuck caused by printings during reset
https://notcve.org/view.php?id=CVE-2024-56722
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots of printings, and it may lead to a cpu stuck. Delete some unnecessary printings and replace other printing functions in these paths with the ratelimited version. In the Linux kernel, the following vulnerability has b... • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56700 – media: wl128x: Fix atomicity violation in fmc_send_cmd()
https://notcve.org/view.php?id=CVE-2024-56700
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd() Atomicity violation occurs when the fmc_send_cmd() function is executed simultaneously with the modification of the fmdev->resp_skb value. Consider a scenario where, after passing the validity check within the function, a non-null fmdev->resp_skb variable is assigned a null value. This results in an invalid fmdev->resp_skb variable passing the validity check. As seen in the later part... • https://git.kernel.org/stable/c/e8454ff7b9a4d56f02c095bff12d3c92ef4c7fa6 •