CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27054 – s390/dasd: fix double module refcount decrement
https://notcve.org/view.php?id=CVE-2024-27054
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path causes refcount to artificially decrease on each error while it should just stay the same. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la disminución del doble recuento del módulo Una vez que la d... • https://git.kernel.org/stable/c/c020d722b110a44c613ef71e657e6dd4116e09d9 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27043 – media: edia: dvbdev: fix a use-after-free
https://notcve.org/view.php?id=CVE-2024-27043
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, *pdvbdev is not set to NULL after dvbdev's deallocation, causing use-after-frees in many places, for example, in the following call chain: budget_register |-> dvb_dmxdev_init |-> dvb_register_device |-> dvb_dmxdev_release |-> dvb_unregister_device |-> dvb_remove_device |-> dvb_device_put... • https://git.kernel.org/stable/c/b61901024776b25ce7b8edc31bb1757c7382a88e •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27037 – clk: zynq: Prevent null pointer dereference caused by kmalloc failure
https://notcve.org/view.php?id=CVE-2024-27037
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc() in zynq_clk_setup() will return null if the physical memory has run out. As a result, if we use snprintf() to write data to the null address, the null pointer dereference bug will happen. This patch uses a stack variable to replace the kmalloc(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: zynq: evita la desreferencia del puntero ... • https://git.kernel.org/stable/c/0ee52b157b8ed88550ddd6291e54bb4bfabde364 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52650 – drm/tegra: dsi: Add missing check for of_find_device_by_node
https://notcve.org/view.php?id=CVE-2023-52650
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/tegra: dsi: Agregar verificación faltante para of_find_device_by_node Agregue verificación para el valor de retorno de of_find_device_by_node() y devuelva el error si falla para e... • https://git.kernel.org/stable/c/e94236cde4d519cdecd45e2435defba33abdc99f •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2024-27024 – net/rds: fix WARNING in rds_conn_connect_if_down
https://notcve.org/view.php?id=CVE-2024-27024
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection after get_mr(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/rds: solucione la ADVERTENCIA en rds_conn_connect_if_down Si la conexión aún no se ha establecido, get_mr() fallará, activará la conexión después de get_mr(). In the Linux kernel, the following vulnerability has been resolved: net/rds:... • https://git.kernel.org/stable/c/584a8279a44a800dea5a5c1e9d53a002e03016b4 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27020 – netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
https://notcve.org/view.php?id=CVE-2024-27020
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in th... • https://git.kernel.org/stable/c/ef1f7df9170dbd875ce198ba84e6ab80f6fc139e • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27014 – net/mlx5e: Prevent deadlock while disabling aRFS
https://notcve.org/view.php?id=CVE-2024-27014
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the `priv->state_lock`, any scheduled aRFS works are canceled using the `cancel_work_sync` function, which waits for the work to end if it has already started. However, while waiting for the work handler, the handler will try to acquire the `state_lock` which is already acquired. The worker acquires the lock to delete the rules if the state is down, which is not the ... • https://git.kernel.org/stable/c/45bf454ae88414e80b80979ebb2c22bd66ea7d1b • CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27013 – tun: limit printing rate when illegal packet received by tun dev
https://notcve.org/view.php?id=CVE-2024-27013
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev vhost_worker will call tun call backs to receive packets. If too many illegal packets arrives, tun_do_read will keep dumping packet contents. When console is enabled, it will costs much more cpu time to dump packet and soft lockup will be detected. net_ratelimit mechanism can be used to limit the dumping rate. PID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: "vhost-32980" #0... • https://git.kernel.org/stable/c/ef3db4a5954281bc1ea49a4739c88eaea091dc71 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27010 – net/sched: Fix mirred deadlock on device recursion
https://notcve.org/view.php?id=CVE-2024-27010
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. [..... other info removed for brevity....] [ 82.890906] [ 82.890906] ============================================ [ 82.890906] WARNING: possible recursive locking detected [ 82.890906] 6.8.0-05205-g77fadd89fe2d-dirty #213 Tainted: G W [ 82.8... • https://git.kernel.org/stable/c/e578d9c02587d57bfa7b560767c698a668a468c6 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27008 – drm: nv04: Fix out of bounds access
https://notcve.org/view.php?id=CVE-2024-27008
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or' argument of fabricate_dcb_output() must be interpreted as a number of bit to set, not value. Utilize macros from 'enum nouveau_or' in calls instead of hardcoding. Found by Linux Verification Center (li... • https://git.kernel.org/stable/c/2e5702aff39532662198459726c624d5eadbdd78 •