CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50046 – NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
https://notcve.org/view.php?id=CVE-2024-50046
21 Oct 2024 — Accidentally, the nfs42_complete_copies() got a NULL-pointer dereference crash with the following syslog: [232064.838881] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232064.839360] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232066.588183] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058 [232066.588586] Mem abort info: [232066.588701] ESR = 0x0... • https://git.kernel.org/stable/c/0e65a32c8a569db363048e17a708b1a0913adbef •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50045 – netfilter: br_netfilter: fix panic with metadata_dst skb
https://notcve.org/view.php?id=CVE-2024-50045
21 Oct 2024 — [ 176.291791] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000110 [ 176.292101] Mem abort info: [ 176.292184] ESR = 0x0000000096000004 [ 176.292322] EC = 0x25: DABT (current EL), IL = 32 bits [ 176.292530] SET = 0, FnV = 0 [ 176.292709] EA = 0, S1PTW = 0 [ 176.292862] FSC = 0x04: level 0 translation fault [ 176.293013] Data abort info: [ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 176.293787] GCS = 0, Overl... • https://git.kernel.org/stable/c/11538d039ac6efcf4f1a6c536e1b87cd3668a9fd •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50044 – Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
https://notcve.org/view.php?id=CVE-2024-50044
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it causing the following trace: ====================================================== WARNING: possible circular locking dependency detected 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted -----------------------------------------... • https://git.kernel.org/stable/c/3241ad820dbb172021e0268b5611031991431626 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50043 – nfsd: fix possible badness in FREE_STATEID
https://notcve.org/view.php?id=CVE-2024-50043
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In the Linux kernel, the following vulnerability has been resolved: nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or... • https://git.kernel.org/stable/c/3f29cc82a84c23cfd12b903029dd26002ca825f5 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50042 – ice: Fix increasing MSI-X on VF
https://notcve.org/view.php?id=CVE-2024-50042
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. ... In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. • https://git.kernel.org/stable/c/2a2cb4c6c18130e9f14d2e39deb75590744d98ef •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50041 – i40e: Fix macvlan leak by synchronizing access to mac_filter_hash
https://notcve.org/view.php?id=CVE-2024-50041
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. • https://git.kernel.org/stable/c/ddec6cbbe22781d17965f1e6386e5a6363c058d2 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-50040 – igb: Do not bring the device up after non-fatal error
https://notcve.org/view.php?id=CVE-2024-50040
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed igb_io_error_detected() to ignore non-fatal pcie errors in order to avoid hung task that can happen when igb_down() is called multiple times. In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_do... • https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50039 – net/sched: accept TCA_STAB only for root qdisc
https://notcve.org/view.php?id=CVE-2024-50039
21 Oct 2024 — /include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 .... /include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 . • https://git.kernel.org/stable/c/175f9c1bba9b825d22b142d183c9e175488b260c •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50038 – netfilter: xtables: avoid NFPROTO_UNSPEC where needed
https://notcve.org/view.php?id=CVE-2024-50038
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_table+0x174b/0x2a40 Module registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet processing. In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbo... • https://git.kernel.org/stable/c/0269ea4937343536ec7e85649932bc8c9686ea78 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50037 – drm/fbdev-dma: Only cleanup deferred I/O if necessary
https://notcve.org/view.php?id=CVE-2024-50037
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only cleanup deferred I/O if necessary Commit 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") initializes deferred I/O only if it is used. drm_fbdev_dma_fb_destroy() however calls fb_deferred_io_cleanup() unconditionally with struct fb_info.fbdefio == NULL. • https://git.kernel.org/stable/c/5a498d4d06d6d9bad76d8a50a7f8fe01670ad46f •