CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44986 – ipv6: fix possible UAF in ip6_finish_output2()
https://notcve.org/view.php?id=CVE-2024-44986
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in ip6_finish_output2() If skb_expand_head() returns NULL, skb has been freed and associated dst/idev could also have been freed. We need to hold rcu_read_lock() to make sure the dst and associated idev are alive. • https://git.kernel.org/stable/c/5796015fa968a3349027a27dcd04c71d95c53ba5 https://git.kernel.org/stable/c/ded37d03440d0ab346a8287cc2ba88b8dc90ceb0 https://git.kernel.org/stable/c/2323690eb05865a657709f4d28eb9538ea97bfc2 https://git.kernel.org/stable/c/b34c668a867ffdcf8bd8db4a36512572e82b4a15 https://git.kernel.org/stable/c/e891b36de161fcd96f12ff83667473e5067b9037 https://git.kernel.org/stable/c/3574d28caf9a09756ae87ad1ea096c6f47b6101e https://git.kernel.org/stable/c/6ab6bf731354a6fdbaa617d1ec194960db61cf3b https://git.kernel.org/stable/c/56efc253196751ece1fc535a5b582be12 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44985 – ipv6: prevent possible UAF in ip6_xmit()
https://notcve.org/view.php?id=CVE-2024-44985
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UAF in ip6_xmit() If skb_expand_head() returns NULL, skb has been freed and the associated dst/idev could also have been freed. We must use rcu_read_lock() to prevent a possible UAF. • https://git.kernel.org/stable/c/0c9f227bee11910a49e1d159abe102d06e3745d5 https://git.kernel.org/stable/c/975f764e96f71616b530e300c1bb2ac0ce0c2596 https://git.kernel.org/stable/c/38a21c026ed2cc7232414cb166efc1923f34af17 https://git.kernel.org/stable/c/124b428fe28064c809e4237b0b38e97200a8a4a8 https://git.kernel.org/stable/c/fc88d6c1f2895a5775795d82ec581afdff7661d1 https://git.kernel.org/stable/c/2d5ff7e339d04622d8282661df36151906d0e1c7 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44984 – bnxt_en: Fix double DMA unmapping for XDP_REDIRECT
https://notcve.org/view.php?id=CVE-2024-44984
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT code path. • https://git.kernel.org/stable/c/578fcfd26e2a1d0e687b347057959228567e2af8 https://git.kernel.org/stable/c/fa4e6ae38574d0fc5596272bee64727d8ab7052b https://git.kernel.org/stable/c/95a305ba259b685780ed62ea2295aa2feb2d6c0c https://git.kernel.org/stable/c/8baeef7616d5194045c5a6b97fd1246b87c55b13 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44983 – netfilter: flowtable: validate vlan header
https://notcve.org/view.php?id=CVE-2024-44983
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup. ===================================================== BUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline] nf_ingress net/core/dev.c:5440 [inline] • https://git.kernel.org/stable/c/4cd91f7c290f64fe430867ddbae10bff34657b6a https://git.kernel.org/stable/c/c05155cc455785916164aa5e1b4605a2ae946537 https://git.kernel.org/stable/c/d9384ae7aec46036d248d1c2c2757e471ab486c3 https://git.kernel.org/stable/c/0279c35d242d037abeb73d60d06a6d1bb7f672d9 https://git.kernel.org/stable/c/043a18bb6cf16adaa2f8642acfde6e8956a9caaa https://git.kernel.org/stable/c/6ea14ccb60c8ab829349979b22b58a941ec4a3ee •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44982 – drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails
https://notcve.org/view.php?id=CVE-2024-44982
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the dpu_format_populate_layout() fails, then FB is prepared, but not cleaned up. • https://git.kernel.org/stable/c/25fdd5933e4c0f5fe2ea5cd59994f8ac5fbe90ef https://git.kernel.org/stable/c/9b8b65211a880af8fe8330a101e1e239a2d4008f https://git.kernel.org/stable/c/7ecf85542169012765e4c2817cd3be6c2e009962 https://git.kernel.org/stable/c/a3c5815b07f4ee19d0b7e2ddf91ff9f03ecbf27d https://git.kernel.org/stable/c/02193c70723118889281f75b88722b26b58bf4ae https://git.kernel.org/stable/c/bfa1a6283be390947d3649c482e5167186a37016 •