CVSS: 4.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42158 – s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
https://notcve.org/view.php?id=CVE-2024-42158
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle: WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770) In the Linux kernel, the following vulnerability has been resolved: s390/pk... • https://git.kernel.org/stable/c/e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42157 – s390/pkey: Wipe sensitive data on failure
https://notcve.org/view.php?id=CVE-2024-42157
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copy_to_user() fails. • https://git.kernel.org/stable/c/e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 •
CVSS: 4.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42156 – s390/pkey: Wipe copies of clear-key structures on failure
https://notcve.org/view.php?id=CVE-2024-42156
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key. Ziming Zhang discovered that the VMware ... • https://git.kernel.org/stable/c/e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 •
CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42155 – s390/pkey: Wipe copies of protected- and secure-keys
https://notcve.org/view.php?id=CVE-2024-42155
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys is accessible, this key material should only be visible to the calling process. So wipe all copies of protected- or secure-keys from stack, even in case of an error. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected... • https://git.kernel.org/stable/c/e80d4af0a320972aac58e2004d0ba4e44ef4c5c7 •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42154 – tcp_metrics: validate source addr length
https://notcve.org/view.php?id=CVE-2024-42154
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated). A vulnerability was found in the Linux kernel's tcp_metrics.c, where insufficient validation of the length of the source address for TCP metrics could lead to incorrect memory read (out of bound... • https://git.kernel.org/stable/c/3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42153 – i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
https://notcve.org/view.php?id=CVE-2024-42153
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt context it throws a warning because of potential deadlock. The timer is used only to exit from wait_for_completion() after a timeout so replacing the call with wait_for_completion_timeout() allows to remove the problematic timer and its related functions altogether. In the Linux kernel, the following vulnerability has b... • https://git.kernel.org/stable/c/41561f28e76a47dc6de0a954da85d0b5c42874eb •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42152 – nvmet: fix a possible leak when destroy a ctrl during qp establishment
https://notcve.org/view.php?id=CVE-2024-42152
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler) and we need to release pending AERs, clear ctrl->sqs and sq->ctrl (for nvme-loop primarily), and drop the final reference on the ctrl. However, a small window is possible where nvmet_sq_destroy starts (as a result of the client givi... • https://git.kernel.org/stable/c/2f3c22b1d3d7e86712253244797a651998c141fa • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42151 – bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
https://notcve.org/view.php?id=CVE-2024-42151
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first parameter of the test_1() function. Mark this parameter as nullable to make verifier aware of such possibility. Otherwise, NULL check in the test_1() code: SEC("struct_ops/test_1") int BPF_PROG(test_1, struct bpf_dummy_ops_state *state) { if (!state) return ...; ... access state ... } Might be removed by verifier,... • https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42148 – bnx2x: Fix multiple UBSAN array-index-out-of-bounds
https://notcve.org/view.php?id=CVE-2024-42148
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FP_SB_MAX_E1x using the num_queues module parameter. Currently there is a read/write out of bounds that occurs on the array "struct stats_query_entry query" present inside the "bnx2x_fw_stats_req" struct in "drivers/net/ethernet... • https://git.kernel.org/stable/c/50f0a562f8cc9ed9d9f7f7380434c3c8646172d5 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42147 – crypto: hisilicon/debugfs - Fix debugfs uninit process issue
https://notcve.org/view.php?id=CVE-2024-42147
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/debugfs - Fix debugfs uninit process issue During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also release regs, in addition to its own rollback operation. As a result, it may be released repeatedly during the regs uninit process. Therefore, the null check needs to be added to the regs uninit process. In the Linux kernel, the follow... • https://git.kernel.org/stable/c/eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c •