CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47659 – smack: tcp: ipv4, fix incorrect labeling
https://notcve.org/view.php?id=CVE-2024-47659
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets. In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a... • https://git.kernel.org/stable/c/d3f56c653c65f170b172d3c23120bc64ada645d8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47658 – crypto: stm32/cryp - call finalize with bh disabled
https://notcve.org/view.php?id=CVE-2024-47658
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: stm32/cryp - call finalize with bh disabled The finalize operation in interrupt mode produce a produces a spinlock recursion warning. ... In the Linux kernel, the following vulnerability has been resolved: crypto: stm32/cryp - call finalize with bh disabled The finalize operation in interrupt mode produce a produces a spinlock recursion warning. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/d93a2f86b0a998aa1f0870c85a2a60a0771ef89a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46871 – drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
https://notcve.org/view.php?id=CVE-2024-46871
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type. ... • https://git.kernel.org/stable/c/e1896f381d27466c26cb44b4450eae05cd59dfd0 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46870 – drm/amd/display: Disable DMCUB timeout for DCN35
https://notcve.org/view.php?id=CVE-2024-46870
09 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 [Why] DMCUB can intermittently take longer than expected to process commands. ... In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 [Why] DMCUB can intermittently take longer than expected to process commands. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/31c254c9cd4b122a10db297124f867107a696d83 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46869 – Bluetooth: btintel_pcie: Allocate memory for driver private data
https://notcve.org/view.php?id=CVE-2024-46869
30 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data. • https://git.kernel.org/stable/c/6e65a09f927566f257322358d429b267548473eb •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46868 – firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()
https://notcve.org/view.php?id=CVE-2024-46868
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we would hold onto the lock. ... • https://git.kernel.org/stable/c/759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46867 – drm/xe/client: fix deadlock in show_meminfo()
https://notcve.org/view.php?id=CVE-2024-46867
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in show_meminfo() There is a real deadlock as well as sleeping in atomic() bug in here, if the bo put happens to be the last ref, since bo destruction wants to grab the same spinlock and sleeping locks. ... (cherry picked from commit 0083b8e6f11d7662283a267d4ce7c966812ffd8a) In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in show_meminfo() There is a r... • https://git.kernel.org/stable/c/0845233388f8a26d00acf9bf230cfd4f36aa4c30 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46866 – drm/xe/client: add missing bo locking in show_meminfo()
https://notcve.org/view.php?id=CVE-2024-46866
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. ... In the case of object_idr we now also need to hold a ref. v2 (MattB) - Also add xe_bo_assert_held() (cherry picked from commit 4f63d712fa104c3ebefcb289d1e733e86d8698c7) In the Linux kernel, the f... • https://git.kernel.org/stable/c/0845233388f8a26d00acf9bf230cfd4f36aa4c30 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46865 – fou: fix initialization of grc
https://notcve.org/view.php?id=CVE-2024-46865
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. ... In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. ... Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux k... • https://git.kernel.org/stable/c/231c235d2f7a66f018f172e26ffd47c363f244ef •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46864 – x86/hyperv: fix kexec crash due to VP assist page corruption
https://notcve.org/view.php?id=CVE-2024-46864
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline") introduces a new cpuhp state for hyperv initialization. In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go onl... • https://git.kernel.org/stable/c/9636be85cc5bdd8b7a7f6a53405cbcc52161c93c •