CVE-2024-47740 – f2fs: Require FMODE_WRITE for atomic write ioctls
https://notcve.org/view.php?id=CVE-2024-47740
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write access - if the caller's FSUID matches the inode's UID, inode_owner_or_capable() immediately returns true. • https://git.kernel.org/stable/c/88b88a66797159949cec32eaab12b4968f6fae2d •
CVE-2024-47739 – padata: use integer wrap around to prevent deadlock on seq_nr overflow
https://notcve.org/view.php?id=CVE-2024-47739
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do_serial, the current sorting implementation incorrectly sorts padata objects with overflowed seq_nr, causing them to be placed before existing objects in the reorder list. • https://git.kernel.org/stable/c/bfde23ce200e6d33291d29b9b8b60cc2f30f0805 •
CVE-2024-47738 – wifi: mac80211: don't use rate mask for offchannel TX either
https://notcve.org/view.php?id=CVE-2024-47738
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no supported rate warning reported by syzbot. ... As suggestions [1], follow the change of SCAN TX to consider this case of offchannel TX as well. [1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.n... • https://git.kernel.org/stable/c/9df66d5b9f45c39b3925d16e8947cc10009b186d •
CVE-2024-47737 – nfsd: call cache_put if xdr_reserve_space returns NULL
https://notcve.org/view.php?id=CVE-2024-47737
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. ... Reviewed-by: Jeff Layton
CVE-2024-47736 – erofs: handle overlapped pclusters out of crafted images properly
https://notcve.org/view.php?id=CVE-2024-47736
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. • https://git.kernel.org/stable/c/8e6c8fa9f2e95c88a642521a5da19a8e31748846 •
CVE-2024-47735 – RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled
https://notcve.org/view.php?id=CVE-2024-47735
21 Oct 2024 — Call trace: warn_bogus_irq_restore+0x30/0x40 _raw_spin_unlock_irqrestore+0x84/0xc8 add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2] hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2] hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2] create_qp+0x138/0x258 ib_create_qp_kernel+0x50/0xe8 create_mad_qp+0xa8/0x128 ib_mad_port_open+0x218/0x448 ib_mad_init_device+0x70/0x1f8 add_client_context+0xfc/0x220 enable_device_and_get+0xd0/0x140 ib_register_device.part.0+0xf4/0x1c8 ib_register_device+0x34/0x50 hns_ro... • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b •
CVE-2024-47734 – bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
https://notcve.org/view.php?id=CVE-2024-47734
21 Oct 2024 — [1] Steps to reproduce: # Needs tx_xdp with return XDP_TX; ip l add veth0 type veth peer veth1 ip l add veth3 type veth peer veth4 ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default ip l set veth0 master bond1 ip l set bond1 up # Increases bpf_master_redirect_enabled_key ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx ip l set veth3 master bond0 ip l set bond0 up ip l set veth4 up # Triggers WARN_ON_ONCE() from the xdp_mast... • https://git.kernel.org/stable/c/9e2ee5c7e7c35d195e2aa0692a7241d47a433d1e •
CVE-2024-47733 – netfs: Delete subtree of 'fs/netfs' when netfs module exits
https://notcve.org/view.php?id=CVE-2024-47733
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: netfs: Delete subtree of 'fs/netfs' when netfs module exits In netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs', but in netfs_exit(), we only delete the proc entry of 'fs/netfs' without deleting its subtree. • https://git.kernel.org/stable/c/7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab •
CVE-2024-47732 – crypto: iaa - Fix potential use after free bug
https://notcve.org/view.php?id=CVE-2024-47732
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it is passed to iaa_compression_modes[i]->free() a few lines later resulting in a use after free. ... But, with this fix, when something does implement it, we'll be ready. :) • https://git.kernel.org/stable/c/b190447e0fa3ef7355480d641d078962e03768b4 •
CVE-2024-47731 – drivers/perf: Fix ali_drw_pmu driver interrupt status clearing
https://notcve.org/view.php?id=CVE-2024-47731
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing The alibaba_uncore_pmu driver forgot to clear all interrupt status in the interrupt processing function. ... • https://git.kernel.org/stable/c/cf7b61073e4526caa247616f6fbb174cbd2a5366 •