CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42126 – powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.
https://notcve.org/view.php?id=CVE-2024-42126
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. nmi_enter()/nmi_exit() touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling (e.g. early HMI/MCE interrupt handler) if percpu allocation comes from vmalloc area. Early HMI/MCE handlers are called through DEFINE_INTERRUPT_HANDLER_NMI() wrapper which invokes nmi_enter/nmi_exit calls. We don't see any issue when percpu allocation is fr... • https://git.kernel.org/stable/c/fb6675db04c4b79883373edc578d5df7bbc84848 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42125 – wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband
https://notcve.org/view.php?id=CVE-2024-42125
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid crash. In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this cas... • https://git.kernel.org/stable/c/e3ec7017f6a20d12ddd9fe23d345ebb7b8c104dd • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42124 – scsi: qedf: Make qedf_execute_tmf() non-preemptible
https://notcve.org/view.php?id=CVE-2024-42124
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible Stop calling smp_processor_id() from preemptible code in qedf_execute_tmf90. This results in BUG_ON() when running an RT kernel. [ 659.343280] BUG: using smp_processor_id() in preemptible [00000000] code: sg_reset/3646 [ 659.343282] caller is qedf_execute_tmf+0x8b/0x360 [qedf] In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemp... • https://git.kernel.org/stable/c/4f314aadeed8cdf42c8cf30769425b5e44702748 • CWE-372: Incomplete Internal State Distinction •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42123 – drm/amdgpu: fix double free err_addr pointer warnings
https://notcve.org/view.php?id=CVE-2024-42123
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix double free err_addr pointer warnings In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages will be run many times so that double free err_addr in some special case. So set the err_addr to NULL to avoid the warnings. A vulnerability was found in the amdgpu_umc_handle_bad_pages() function in the Linux kernel's amdgpu driver. If the function is called multiple times in quick succession, a double free error ca... • https://git.kernel.org/stable/c/8e24beb3c2b08a4763f920399a9cc577ed440a1a • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42122 – drm/amd/display: Add NULL pointer check for kzalloc
https://notcve.org/view.php?id=CVE-2024-42122
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer check for kzalloc [Why & How] Check return pointer of kzalloc before using it. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL pointer check for kzalloc [Why & How] Check return pointer of kzalloc before using it. • https://git.kernel.org/stable/c/cd1e565a5b7fa60c349ca8a16db1e61715fe8230 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42121 – drm/amd/display: Check index msg_id before read or write
https://notcve.org/view.php?id=CVE-2024-42121
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT] msg_id is used as an array index and it cannot be a negative value, and therefore cannot be equal to MOD_HDCP_MESSAGE_ID_INVALID (-1). [HOW] Check whether msg_id is valid before reading and setting. This fixes 4 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msg_id before read or write [WHAT]... • https://git.kernel.org/stable/c/b5b8837d066cc182ff69fb5629ad32ade5484567 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42120 – drm/amd/display: Check pipe offset before setting vblank
https://notcve.org/view.php?id=CVE-2024-42120
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coveri... • https://git.kernel.org/stable/c/b2e9abc95583ac7bbb2c47da4d476a798146dfd6 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42119 – drm/amd/display: Skip finding free audio for unknown engine_id
https://notcve.org/view.php?id=CVE-2024-42119
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Skip and return NULL. This fixes 2 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and c... • https://git.kernel.org/stable/c/9eb4db08a808e3a3ba59193aeb84a57a6dc4d8c9 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42118 – drm/amd/display: Do not return negative stream id for array
https://notcve.org/view.php?id=CVE-2024-42118
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not return negative stream id for array [WHY] resource_stream_to_stream_idx returns an array index and it return -1 when not found; however, -1 is not a valid array index number. [HOW] When this happens, call ASSERT(), and return a zero instead. This fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not return nega... • https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0 •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42117 – drm/amd/display: ASSERT when failing to find index by plane/stream id
https://notcve.org/view.php?id=CVE-2024-42117
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: ASSERT when failing to find index by plane/stream id [WHY] find_disp_cfg_idx_by_plane_id and find_disp_cfg_idx_by_stream_id returns an array index and they return -1 when not found; however, -1 is not a valid index number. [HOW] When this happens, call ASSERT(), and return a positive number (which is fewer than callers' array size) instead. This fixes 4 OVERRUN and 2 NEGATIVE_RETURNS issues reported by Coverity. In the Linu... • https://git.kernel.org/stable/c/a9c047a5cf3135b8b66bd28fbe2c698b9cace0b3 •