CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42251 – mm: page_ref: remove folio_try_get_rcu()
https://notcve.org/view.php?id=CVE-2024-42251
In the Linux kernel, the following vulnerability has been resolved: mm: page_ref: remove folio_try_get_rcu() The below bug was reported on a non-SMP kernel: [ 275.267158][ T4335] ------------[ cut here ]------------ [ 275.267949][ T4335] kernel BUG at include/linux/page_ref.h:275! [ 275.268526][ T4335] invalid opcode: 0000 [#1] KASAN PTI [ 275.269001][ T4335] CPU: 0 PID: 4335 Comm: trinity-c3 Not tainted 6.7.0-rc4-00061-gefa7df3e3bb5 #1 [ 275.269787][ T4335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014 [ 275.270679][ T4335] RIP: 0010:try_get_folio (include/linux/page_ref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.272813][ T4335] RSP: 0018:ffffc90005dcf650 EFLAGS: 00010202 [ 275.273346][ T4335] RAX: 0000000000000246 RBX: ffffea00066e0000 RCX: 0000000000000000 [ 275.274032][ T4335] RDX: fffff94000cdc007 RSI: 0000000000000004 RDI: ffffea00066e0034 [ 275.274719][ T4335] RBP: ffffea00066e0000 R08: 0000000000000000 R09: fffff94000cdc006 [ 275.275404][ T4335] R10: ffffea00066e0037 R11: 0000000000000000 R12: 0000000000000136 [ 275.276106][ T4335] R13: ffffea00066e0034 R14: dffffc0000000000 R15: ffffea00066e0008 [ 275.276790][ T4335] FS: 00007fa2f9b61740(0000) GS:ffffffff89d0d000(0000) knlGS:0000000000000000 [ 275.277570][ T4335] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 275.278143][ T4335] CR2: 00007fa2f6c00000 CR3: 0000000134b04000 CR4: 00000000000406f0 [ 275.278833][ T4335] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 275.279521][ T4335] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 275.280201][ T4335] Call Trace: [ 275.280499][ T4335] <TASK> [ 275.280751][ T4335] ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) [ 275.281087][ T4335] ? do_trap (arch/x86/kernel/traps.c:112 arch/x86/kernel/traps.c:153) [ 275.281463][ T4335] ? try_get_folio (include/linux/page_ref.h:275 (discriminator 3) mm/gup.c:79 (discriminator 3)) [ 275.281884][ T4335] ? • https://git.kernel.org/stable/c/57edfcfd3419b4799353d8cbd6ce49da075cfdbd https://git.kernel.org/stable/c/16380f52b72166d6a33b508cc2509716f436253f https://git.kernel.org/stable/c/e7db2762ea3e69f215b3ec4db666006deccc37b4 https://git.kernel.org/stable/c/fa2690af573dfefb47ba6eef888797a64b6b5f3c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42250 – cachefiles: add missing lock protection when polling
https://notcve.org/view.php?id=CVE-2024-42250
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while the data structure (e.g. struct cachefiles_req) stored in the slot has no such guarantee. The poll routine will iterate the radix tree and dereference cachefiles_req accordingly. Thus RCU read lock is not adequate in this case and spinlock is needed here. • https://git.kernel.org/stable/c/b817e22b2e91257ace32a6768c3c003faeaa1c5c https://git.kernel.org/stable/c/8eadcab7f3dd809edbe5ae20533ff843dfea3a07 https://git.kernel.org/stable/c/cf5bb09e742a9cf6349127e868329a8f69b7a014 https://git.kernel.org/stable/c/97cfd5e20ddc2e33e16ce369626ce76c9a475fd7 https://git.kernel.org/stable/c/6bb6bd3dd6f382dfd36220d4b210a0c77c066651 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42249 – spi: don't unoptimize message in spi_async()
https://notcve.org/view.php?id=CVE-2024-42249
In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the controller driver. spi_maybe_unoptimize_message() is already called in the correct place in spi_finalize_current_message() to balance the call to spi_maybe_optimize_message() in spi_async(). • https://git.kernel.org/stable/c/7b1d87af14d9ae902ed0c5dc5fabf4eea5abdf02 https://git.kernel.org/stable/c/8b9af6d67517ce4a0015928b3cf35bfd2b1bc1c2 https://git.kernel.org/stable/c/c86a918b1bdba78fb155184f8d88dfba1e63335d •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42248 – tty: serial: ma35d1: Add a NULL check for of_node
https://notcve.org/view.php?id=CVE-2024-42248
In the Linux kernel, the following vulnerability has been resolved: tty: serial: ma35d1: Add a NULL check for of_node The pdev->dev.of_node can be NULL if the "serial" node is absent. Add a NULL check to return an error in such cases. • https://git.kernel.org/stable/c/930cbf92db0184e327293d5e7089be0b08d46371 https://git.kernel.org/stable/c/23efa74cfe6eb923abb5b9bc51b2a04879013c67 https://git.kernel.org/stable/c/0e0e15ab2d3a094a38525d23c03d78ec7d14a40e https://git.kernel.org/stable/c/acd09ac253b5de8fd79fc61a482ee19154914c7a •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42247 – wireguard: allowedips: avoid unaligned 64-bit memory accesses
https://notcve.org/view.php?id=CVE-2024-42247
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned access to 0x55f4688c in wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: unaligned access to 0x55f46884 in wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc) Avoid such unaligned memory accesses by instead using the get_unaligned_be64() helper macro. [Jason: replace src[8] in original patch with src+8] • https://git.kernel.org/stable/c/e7096c131e5161fa3b8e52a650d7719d2857adfd https://git.kernel.org/stable/c/ae630de24efb123d7199a43256396d7758f4cb75 https://git.kernel.org/stable/c/b4764f0ad3d68de8a0b847c05f427afb86dd54e6 https://git.kernel.org/stable/c/217978a29c6ceca76d3c640bf94bdf50c268d801 https://git.kernel.org/stable/c/6638a203abad35fa636d59ac47bdbc4bc100fd74 https://git.kernel.org/stable/c/2fb34bf76431e831f9863cd59adc0bd1f67b0fbf https://git.kernel.org/stable/c/948f991c62a4018fb81d85804eeab3029c6209f8 •