CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47669 – nilfs2: fix state management in error path of log writing function
https://notcve.org/view.php?id=CVE-2024-47669
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211 ("nilfs2: separate wait function from nilfs_segctor_write") was applied, the log writing function nilfs_segctor_do_construct() was able to issue I/O requests continuously even if user data blocks were split into multiple logs across segments, but two potential flaws were introduced in its error handling. In the Linux kernel, the follow... • https://git.kernel.org/stable/c/a694291a6211537189c6080f77f63cdabfc9b63e •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47668 – lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
https://notcve.org/view.php?id=CVE-2024-47668
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated node that might be used later. In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree ... • https://git.kernel.org/stable/c/0f27f4f445390cb7f73d4209cb2bf32834dc53da • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47667 – PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)
https://notcve.org/view.php?id=CVE-2024-47667
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) Errata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 (SPRZ452D_July 2018_Revised December 2019 [1]) mentions when an inbound PCIe TLP spans more than two internal AXI 128-byte bursts, the bus may corrupt the packet payload and the corrupt data may cause associated applications or the processor to hang. ... • https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47666 – scsi: pm80xx: Set phy->enable_completion only when we wait for it
https://notcve.org/view.php?id=CVE-2024-47666
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack address, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and returns. In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion pointer with a stack addre... • https://git.kernel.org/stable/c/7b1d779647afaea9185fa2f150b1721e7c1aae89 •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47665 – i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
https://notcve.org/view.php?id=CVE-2024-47665
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment * defined value > 256 during driver initialization is not reason to BUG_ON(). In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup Definitely condition dma_get_cache_alignment * defined value > 256 during driver initialization is not reas... • https://git.kernel.org/stable/c/3a379bbcea0af6280e1ca0d1edfcf4e68cde6ee0 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47664 – spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware
https://notcve.org/view.php?id=CVE-2024-47664
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effective_speed(). In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware If the value of max_speed_hz is 0, it may cause a division by zero error in hisi_calc_effec... • https://git.kernel.org/stable/c/c770d8631e1810d8f1ce21b18ad5dd67eeb39e5c •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47663 – staging: iio: frequency: ad9834: Validate frequency parameter value
https://notcve.org/view.php?id=CVE-2024-47663
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_write_frequency() clk_get_rate() can return 0. In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834_write_frequency() clk_get_rate() can return 0. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification ... • https://git.kernel.org/stable/c/12b9d5bf76bfa20d3207ef24fca9c8254a586a58 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47662 – drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection
https://notcve.org/view.php?id=CVE-2024-47662
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection [Why] These registers should not be read from driver and triggering the security violation when DMCUB work times out and diagnostics are collected blocks Z8 entry. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection [Why] These registers should not be read from driver a... • https://git.kernel.org/stable/c/eba4b2a38ccdf074a053834509545703d6df1d57 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47661 – drm/amd/display: Avoid overflow from uint32_t to uint8_t
https://notcve.org/view.php?id=CVE-2024-47661
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32_t to uint8_t [WHAT & HOW] dmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned 0xFFFF. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32_t to uint8_t [WHAT & HOW] dmub_rb_cmd's ramping_boundary has size of uint8_t and it is assigned 0xFFFF. ... • https://git.kernel.org/stable/c/30d1b783b6eeaf49d311a072c70d618d993d01ec •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47660 – fsnotify: clear PARENT_WATCHED flags lazily
https://notcve.org/view.php?id=CVE-2024-47660
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time. ... • https://git.kernel.org/stable/c/3f3ef1d9f66b93913ce2171120d9226b55acd41d •