CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-45003 – vfs: Don't evict inode under the inode lru traversing context
https://notcve.org/view.php?id=CVE-2024-45003
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode lru traversing context The inode reclaiming process(See function prune_icache_sb) collects all reclaimable inodes and mark them with I_FREEING flag at first, at that time, other processes will be stuck if they try getting these inodes (See function find_inode_fast), then the reclaiming process destroy the inodes by function dispose_list(). Some filesystems(eg. ext4 with ea_inode feature, ubifs with xat... • https://git.kernel.org/stable/c/e50e5129f384ae282adebfb561189cdb19b81cee •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45002 – rtla/osnoise: Prevent NULL dereference in error handling
https://notcve.org/view.php?id=CVE-2024-45002
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: rtla/osnoise: Prevent NULL dereference in error handling If the "tool->data" allocation fails then there is no need to call osnoise_free_top() and, in fact, doing so will lead to a NULL dereference. In the Linux kernel, the following vulnerability has been resolved: rtla/osnoise: Prevent NULL dereference in error handling If the "tool->data" allocation fails then there is no need to call osnoise_free_top() and, in fact, doing so will lead t... • https://git.kernel.org/stable/c/1eceb2fc2ca549a170d7ee7cd1fde2daeda646ac •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45001 – net: mana: Fix RX buf alloc_size alignment and atomic op panic
https://notcve.org/view.php?id=CVE-2024-45001
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf alloc_size alignment and atomic op panic The MANA driver's RX buffer alloc_size is passed into napi_build_skb() to create SKB. skb_shinfo(skb) is located at the end of skb, and its alignment is affected by the alloc_size passed into napi_build_skb(). The size needs to be aligned properly for better performance and atomic operations. Otherwise, on ARM64 CPU, for certain MTU settings like 4000, atomic operations may pani... • https://git.kernel.org/stable/c/80f6215b450eb8e92d8b1f117abf5ecf867f963e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45000 – fs/netfs/fscache_cookie: add missing "n_accesses" check
https://notcve.org/view.php?id=CVE-2024-45000
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check This fixes a NULL pointer dereference bug due to a data race which looks like this: BUG: kernel NULL pointer dereference, address: 0000000000000008 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 33 PID: 16573 Comm: kworker/u97:799 Not tainted 6.8.7-cm4all1-hp+ #43 Hardware name: HP ProLiant DL380 Gen9/ProLi... • https://git.kernel.org/stable/c/12bb21a29c19aae50cfad4e2bb5c943108f34a7d •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44999 – gtp: pull network headers in gtp_dev_xmit()
https://notcve.org/view.php?id=CVE-2024-44999
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtp_dev_xmit() syzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1] We must make sure the IPv4 or Ipv6 header is pulled in skb->head before accessing fields in them. Use pskb_inet_may_pull() to fix this issue. [1] BUG: KMSAN: uninit-value in ipv6_pdp_find drivers/net/gtp.c:220 [inline] BUG: KMSAN: uninit-value in gtp_build_skb_ip6 drivers/net/gtp.c:1229 [inline] BUG: KMSAN: uninit-value in gtp_dev_xmi... • https://git.kernel.org/stable/c/459aa660eb1d8ce67080da1983bb81d716aa5a69 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44998 – atm: idt77252: prevent use after free in dequeue_rx()
https://notcve.org/view.php?id=CVE-2024-44998
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't dereference "skb" after calling vcc->push() because the skb is released. In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't dereference "skb" after calling vcc->push() because the skb is released. Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Sh... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44997 – net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()
https://notcve.org/view.php?id=CVE-2024-44997
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cb_priv was freed in mtk_wed_setup_tc_block() without marking NULL,and mtk_wed_setup_tc_block_cb() didn't check the value, too. Assign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL in mtk_wed_setup_tc... • https://git.kernel.org/stable/c/799684448e3e1f57257a6155541e53510488f67b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44996 – vsock: fix recursive ->recvmsg calls
https://notcve.org/view.php?id=CVE-2024-44996
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive ->recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursiion could happen: vsock_bpf_recvmsg() -> __vsock_recvmsg() -> vsock_connectible_recvmsg() -> prot->recvmsg() -> vsock_bpf_recvmsg() again We need to fix it by calling the original ->recvmsg() without any BPF sockmap logic in __vsock_recvmsg(). In the Linux kernel, ... • https://git.kernel.org/stable/c/634f1a7110b439c65fd8a809171c1d2d28bcea6f •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-44995 – net: hns3: fix a deadlock problem when config TC during resetting
https://notcve.org/view.php?id=CVE-2024-44995
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start │ ▼ ...... setup tc │ │ ▼ ▼ DOWN: napi_disable() napi_disable()(skip) │ │ │ ▼ ▼ ...... ...... │ │ ▼ │ napi_enable() │ ▼ UINIT: netif_napi_del() │ ▼ ...... │ ▼ INIT: netif_napi_add() │ ▼ ...... global reset start │ │ ▼ ▼ UP: napi_enable()(skip) ...... │ │ ▼ ▼ ...... napi_disable... • https://git.kernel.org/stable/c/bb6b94a896d4dd4dcdeccca87c3fd22521c652c0 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44994 – iommu: Restore lost return in iommu_report_device_fault()
https://notcve.org/view.php?id=CVE-2024-44994
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault() When iommu_report_device_fault gets called with a partial fault it is supposed to collect the fault into the group and then return. Instead the return was accidently deleted which results in trying to process the fault and an eventual crash. Deleting the return was a typo, put it back. In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in i... • https://git.kernel.org/stable/c/3dfa64aecbafc288216b2790438d395add192c30 • CWE-703: Improper Check or Handling of Exceptional Conditions •