CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47750 – RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08
https://notcve.org/view.php?id=CVE-2024-47750
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. ... In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. • https://git.kernel.org/stable/c/70f92521584f1d1e8268311ee84413307b0fdea8 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-47749 – RDMA/cxgb4: Added NULL check for lookup_atid
https://notcve.org/view.php?id=CVE-2024-47749
21 Oct 2024 — Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting.org) with SVACE. In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Added NULL check for lookup_atid The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferencing a null pointer without a check in the `act_establish()` and `act_open_rpl()` functions. ... • https://git.kernel.org/stable/c/cfdda9d764362ab77b11a410bb928400e6520d57 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47748 – vhost_vdpa: assign irq bypass producer token correctly
https://notcve.org/view.php?id=CVE-2024-47748
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is problematic as we don't know if the token pointer is still valid or not. In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is probl... • https://git.kernel.org/stable/c/2cf1ba9a4d15cb78b96ea97f727b93382c3f9a60 •
CVSS: 7.0EPSS: 0%CPEs: 9EXPL: 0CVE-2024-47747 – net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition
https://notcve.org/view.php?id=CVE-2024-47747
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to &prev(dev)->timer. In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback functi... • https://git.kernel.org/stable/c/6fd9c53f71862a4797b7ed8a5de80e2c64829f56 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47746 – fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set
https://notcve.org/view.php?id=CVE-2024-47746
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. ... In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. • https://git.kernel.org/stable/c/205c1d8026835746d8597e1aa70c370e014e83fa •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47745 – mm: call the security_mmap_file() LSM hook in remap_file_pages()
https://notcve.org/view.php?id=CVE-2024-47745
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, which doesn't contain the LSM security check. ... /test | grep rwx 7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted) [PM: subject line tweaks] In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The... • https://git.kernel.org/stable/c/0f910dbf2f2a4a7820ba4bac7b280f7108aa05b1 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47744 – KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock
https://notcve.org/view.php?id=CVE-2024-47744
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock Use a dedicated mutex to guard kvm_usage_count to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. ... • https://git.kernel.org/stable/c/0bf50497f03b3d892c470c7d1a10a3e9c3c95821 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47743 – KEYS: prevent NULL pointer dereference in find_asymmetric_key()
https://notcve.org/view.php?id=CVE-2024-47743
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in find_asymmetric_key() In find_asymmetric_key(), if all NULLs are passed in the id_{0,1,2} arguments, the kernel will first emit WARN but then have an oops because id_2 gets dereferenced anyway. In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference in find_asymmetric_key() In find_asymmetric_key(), if all NULLs are passed in the id_{0... • https://git.kernel.org/stable/c/7d30198ee24f2ddcc4fefcd38a9b76bd8ab31360 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-47742 – firmware_loader: Block path traversal
https://notcve.org/view.php?id=CVE-2024-47742
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts a... • https://git.kernel.org/stable/c/abb139e75c2cdbb955e840d6331cb5863e409d0e •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47741 – btrfs: fix race setting file private on concurrent lseek using same fd
https://notcve.org/view.php?id=CVE-2024-47741
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek(2) system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window where a race happens and can result in a memory leak. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When d... • https://git.kernel.org/stable/c/3c32c7212f1639471ec0197ff1179b8ef2e0f3d3 •