CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56628 – LoongArch: Add architecture specific huge_pte_clear()
https://notcve.org/view.php?id=CVE-2024-56628
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add architecture specific huge_pte_clear() When executing mm selftests run_vmtests.sh, there is such an error: BUG: Bad page state in process uffd-unit-tests pfn:00000 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x0 flags: 0xffff0000002000(reserved|node=0|zone=0|lastcpupid=0xffff) raw: 00ffff0000002000 ffffbf0000000008 ffffbf0000000008 0000000000000000 raw: 0000000000000000 0000000000000000 0000000... • https://git.kernel.org/stable/c/09cfefb7fa70c3af011b0db0a513fd80b2f18abc •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56627 – ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
https://notcve.org/view.php?id=CVE-2024-56627
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-of-bounds read from the stream_buf. Note that this issue is coming when setting 'vfs objects = streams_xattr parameter' in ksmbd.conf. • https://git.kernel.org/stable/c/de4d790dcf53be41736239d7ee63849a16ff5d10 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56626 – ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write
https://notcve.org/view.php?id=CVE-2024-56626
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write An offset from client could be a negative value, It could allows to write data outside the bounds of the allocated buffer. Note that this issue is coming when setting 'vfs objects = streams_xattr parameter' in ksmbd.conf. • https://git.kernel.org/stable/c/8cd7490fc0f268883e86e840cda5311257af69ca •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56625 – can: dev: can_set_termination(): allow sleeping GPIOs
https://notcve.org/view.php?id=CVE-2024-56625
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: can: dev: can_set_termination(): allow sleeping GPIOs In commit 6e86a1543c37 ("can: dev: provide optional GPIO based termination support") GPIO based termination support was added. For no particular reason that patch uses gpiod_set_value() to set the GPIO. This leads to the following warning, if the systems uses a sleeping GPIO, i.e. behind an I2C port expander: | WARNING: CPU: 0 PID: 379 at /drivers/gpio/gpiolib.c:3496 gpiod_set_value+... • https://git.kernel.org/stable/c/6e86a1543c378f2e8837ad88f361b7bf606c80f7 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56623 – scsi: qla2xxx: Fix use after free on unload
https://notcve.org/view.php?id=CVE-2024-56623
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On setting the UNLOADING flag when dpc_thread happens to run at the time and sees the flag, this causes dpc_thread to exit and clean up itself. When kthread_stop is called for final cleanup, this causes use after free. Remove UNLOADING sign... • https://git.kernel.org/stable/c/12f04fc8580eafb0510f805749553eb6213f323e •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56622 – scsi: ufs: core: sysfs: Prevent div by zero
https://notcve.org/view.php?id=CVE-2024-56622
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent div by zero Prevent a division by 0 when monitoring is not enabled. • https://git.kernel.org/stable/c/1d8613a23f3c3b8f0101e453ff150e05a0d1cd4f •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56620 – scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
https://notcve.org/view.php?id=CVE-2024-56620
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace: mutex_lock+0xc/0x54 platform_device_msi_free_irqs_all+0x14/0x20 ufs_qcom_remove+0x34/0x48 [ufs_qcom] platform_remove+0x28/0x44 device_remove+0x4c/0x80 device_release_driver_internal+0xd8/0x178 driver_detach+0x5... • https://git.kernel.org/stable/c/519b6274a7775f5fe00a086f189efb8f063467d1 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56619 – nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()
https://notcve.org/view.php?id=CVE-2024-56619
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access outside the folio/page range may occur, or a use-after-free bug may be detected if KASAN is enabled. This is because nilfs_last_byte(), which is called by nilfs_find_entry() and others to calculate the number of valid bytes of dire... • https://git.kernel.org/stable/c/2ba466d74ed74f073257f86e61519cb8f8f46184 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56617 – cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU
https://notcve.org/view.php?id=CVE-2024-56617
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 ("arch_topology: Build cacheinfo from primary CPU") adds functionality that architectures can use to optionally allocate and build cacheinfo early during boot. Commit 6539cffa9495 ("cacheinfo: Add arch specific early level initializer") lets secondary CPUs correct (and reallocate memory) cacheinfo data if needed. If the early build ... • https://git.kernel.org/stable/c/6539cffa94957241c096099a57d05fa4d8c7db8a •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56616 – drm/dp_mst: Fix MST sideband message body length check
https://notcve.org/view.php?id=CVE-2024-56616
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 byte accounting for the message body CRC (aka message data CRC) at the end of the message. This fixes a case where an MST branch device returns a header with a correct header CRC (indicating a correctly received body length), with the body length being incorrectly set to 0. This will later lead to a memory corru... • https://git.kernel.org/stable/c/780fa184d4dc38ad6c4fded345ab8f9be7a63e96 •