CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48699 – sched/debug: fix dentry leak in update_sched_domain_debugfs
https://notcve.org/view.php?id=CVE-2022-48699
03 May 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in update_sched_domain_debugfs Kuyo reports that the pattern of using debugfs_remove(debugfs_lookup()) leaks a dentry and with a hotplug stress test, the machine eventually runs out of memory. Fix this up by using the newly created debugfs_lookup_and_remove() call instead which properly handles the dentry reference counting logic. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sched/debug: co... • https://git.kernel.org/stable/c/26e9a1ded8923510e5529fbb28390b22228700c2 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48698 – drm/amd/display: fix memory leak when using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2022-48698
03 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dput(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: soluciona la pérdida de memoria al usar debugfs_lookup() Al llamar a debugfs_lookup(), el resultado debe tener llamado dput(); de lo contrario, l... • https://git.kernel.org/stable/c/58acd2ebae034db3bacf38708f508fbd12ae2e54 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48670 – peci: cpu: Fix use-after-free in adev_release()
https://notcve.org/view.php?id=CVE-2022-48670
03 May 2024 — In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because adev_release() re-calls auxiliary_device_uninit(), it will cause use-after-free: [ 1269.455172] WARNING: CPU: 0 PID: 14267 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15 [ 1269.464007] refcount_t: underflo... • https://git.kernel.org/stable/c/c87f1f99e26ea4ae08cabe753ae98e5626bdba89 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27388 – SUNRPC: fix some memleaks in gssx_dec_option_array
https://notcve.org/view.php?id=CVE-2024-27388
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: SUNRPC: corrige algunas fugas de mem en gssx_dec_option_array Los creds y oa->data deben liberarse en las rutas de manejo de errores después de su asignación. Entonces ... • https://git.kernel.org/stable/c/1d658336b05f8697d6445834f8867f8ad5e4f735 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27074 – media: go7007: fix a memleak in go7007_load_encoder
https://notcve.org/view.php?id=CVE-2024-27074
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: saa7134_go7007_init |-> go7007_boot_encoder |-> go7007_load_encoder |-> kfree(go) go is freed and thus bounce is leaked. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: go7007: corrige una fuga de memoria en go7007_load_encoder En go7007_... • https://git.kernel.org/stable/c/95ef39403f890360a3e48fe550d8e8e5d088ad74 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27073 – media: ttpci: fix two memleaks in budget_av_attach
https://notcve.org/view.php?id=CVE-2024-27073
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init does. Besides, there are two fixme comment refers to such deallocations. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: ttpci: corrige dos fugas de mem en Budget_av_attach Cuando fallan saa7146_register_devi... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52653 – SUNRPC: fix a memleak in gss_import_v2_context
https://notcve.org/view.php?id=CVE-2023-52653
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error. Thus, this patch reform the last call of gss_import_v2_context to the gss_krb5_import_ctx_v2, preventing the memleak while keepping the return formation. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: SUNRPC: cor... • https://git.kernel.org/stable/c/47d84807762966c3611c38adecec6ea703ddda7a •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27062 – nouveau: lock the client object tree.
https://notcve.org/view.php?id=CVE-2024-27062
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI [ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27 [ 4562.099324] Hardware name: Gigabyte Technology Co.... • https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27059 – USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
https://notcve.org/view.php?id=CVE-2024-27059
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ or WRITE commands. The calculation involves division and modulus operations, which will cause a crash if either of these values is 0. While this never happens with a genuine device, it could happen with a flawed or... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27057 – ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend
https://notcve.org/view.php?id=CVE-2024-27057
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during suspend the DSP is turned off, streams will be re-started after resume. If the firmware crashes during while audio is running (or when we reset the stream before suspend) then the sof_ipc4_set_multi_pipeline_state() will fail with IPC error and th... • https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759 •