CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44954 – ALSA: line6: Fix racy access to midibuf
https://notcve.org/view.php?id=CVE-2024-44954
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below (so put as reported-by here). This patch protects the midibuf call of the former code path with a spinlock for avoiding the possible races. In the Linux kernel, the following vulnerability has been resolved: ALSA: line6:... • https://git.kernel.org/stable/c/643293b68fbb6c03f5e907736498da17d43f0d81 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44953 – scsi: ufs: core: Fix deadlock during RTC update
https://notcve.org/view.php?id=CVE-2024-44953
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcd_rpm_get_sync() to wait for runtime resume. Here is deadlock backtrace: kworker/0:1 D 4892.876354 10 10971 4859 0x4208060 0x8 10 0 120 670730152367 ptr f0ffff80c2e40000 0 1 0x00000001 0x000000ff 0x000000ff 0x000000ff
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44951 – serial: sc16is7xx: fix TX fifo corruption
https://notcve.org/view.php?id=CVE-2024-44951
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same time as a packet is about to be transmitted on channel B, we observe with a logic analyzer that the received packet on channel A is transmitted on channel B. In other words, the Tx buffer data on channel B is corrupted with data from channel A. The problem appeared since commit 4409df5866b7 ("serial: sc16is7xx: change EFR lock to o... • https://git.kernel.org/stable/c/4409df5866b7ff7686ba27e449ca97a92ee063c9 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-44950 – serial: sc16is7xx: fix invalid FIFO access with special register set
https://notcve.org/view.php?id=CVE-2024-44950
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set When enabling access to the special register set, Receiver time-out and RHR interrupts can happen. In this case, the IRQ handler will try to read from the FIFO thru the RHR register at address 0x00, but address 0x00 is mapped to DLL register, resulting in erroneous FIFO reading. Call graph example: sc16is7xx_startup(): entry sc16is7xx_ms_proc(): entry sc16is7xx_set_termios... • https://git.kernel.org/stable/c/dfeae619d781dee61666d5551b93ba3be755a86b •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-44949 – parisc: fix a possible DMA corruption
https://notcve.org/view.php?id=CVE-2024-44949
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size. As ... • https://git.kernel.org/stable/c/dadac97f066a67334268132c1e2d0fd599fbcbec •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44948 – x86/mtrr: Check if fixed MTRRs exist before saving them
https://notcve.org/view.php?id=CVE-2024-44948
04 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate capability bit in the MTRR capability MSR. So far all x86 CPUs which support MTRR have this separate bit set, so it went unnoticed that mtrr_save_state() does not check the capability bit before accessing the fixed MTRR MSRs. Though on ... • https://git.kernel.org/stable/c/2b1f6278d77c1f2f669346fc2bb48012b5e9495a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2024-44947 – fuse: Initialize beyond-EOF page contents before setting uptodate
https://notcve.org/view.php?id=CVE-2024-44947
02 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(), unlike fuse_do_readpage(), does not enable page zeroing (because it can be used to change partial page contents). So fuse_notify_store() must be more careful to fully initialize page contents (including parts of the page that are beyond end-of-file) before marking the page uptodate. The current code can leave beyond-EOF page contents uninitialized, which ... • https://github.com/Abdurahmon3236/CVE-2024-44947 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2024-44946 – kcm: Serialise kcm_sendmsg() for the same socket.
https://notcve.org/view.php?id=CVE-2024-44946
31 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported UAF in kcm_release(). [0] The scenario is 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb. 2. Thread A resumes building skb from kcm->seq_skb but is blocked by sk_stream_wait_memory() 3. Thread B calls sendmsg() concurrently, finishes building kcm->seq_skb and puts the skb to the write queue 4. Thread A faces an error and finally frees skb that is already in t... • https://github.com/Abdurahmon3236/CVE-2024-44946 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44945 – netfilter: nfnetlink: Initialise extack before use in ACKs
https://notcve.org/view.php?id=CVE-2024-44945
31 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink: Initialise extack before use in ACKs Add missing extack initialisation when ACKing BATCH_BEGIN and BATCH_END. • https://git.kernel.org/stable/c/bf2ac490d28c21a349e9eef81edc45320fca4a3c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-48944 – sched: Fix yet more sched_fork() races
https://notcve.org/view.php?id=CVE-2022-48944
30 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: sched: Fix yet more sched_fork() races Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an invalid sched_task_group") fixed a fork race vs cgroup, it opened up a race vs syscalls by not placing the task on the runqueue before it gets exposed through the pidhash. Commit 13765de8148f ("sched/fair: Fix fault in reweight_entity") is trying to fix a single instance of this, instead fix the whole class of issues, effectively reve... • https://git.kernel.org/stable/c/3869eecf050416a1d19bac60926f6b5d64b0aa58 •