CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-53052 – io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
https://notcve.org/view.php?id=CVE-2024-53052
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze side will grab that rwsem for writing, excluding any new writers from happening and waiting for existing writes to finish. But io_uring unconditionally uses kiocb_start_write(), which will block if someone is ... • https://git.kernel.org/stable/c/485d9232112b17f389b29497ff41b97b3189546b •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53051 – drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
https://notcve.org/view.php?id=CVE-2024-53051
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid kernel null pointer dereference. In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is ... • https://git.kernel.org/stable/c/4912e8fb3c37fb2dedf48d9c18bbbecd70e720f8 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53050 – drm/i915/hdcp: Add encoder check in hdcp2_get_capability
https://notcve.org/view.php?id=CVE-2024-53050
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error. In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error. • https://git.kernel.org/stable/c/5b89dcf23575eb5bb95ce8d672cbc2232c2eb096 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50299 – sctp: properly validate chunk size in sctp_sf_ootb()
https://notcve.org/view.php?id=CVE-2024-50299
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50290 – media: cx24116: prevent overflows on SNR calculus
https://notcve.org/view.php?id=CVE-2024-50290
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that. In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when rea... • https://git.kernel.org/stable/c/8953db793d5bdeea5ac92c9e97f57d3ff8a7dccf •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50289 – media: av7110: fix a spectre vulnerability
https://notcve.org/view.php?id=CVE-2024-50289
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. Fix it. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50282 – drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
https://notcve.org/view.php?id=CVE-2024-50282
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. (cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434) • https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50277 – dm: fix a crash if blk_alloc_disk fails
https://notcve.org/view.php?id=CVE-2024-50277
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blk_alloc_disk fails If blk_alloc_disk fails, the variable md->disk is set to an error value. cleanup_mapped_device will see that md->disk is non-NULL and it will attempt to access it, causing a crash on this statement "md->disk->private_data = NULL;". In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blk_alloc_disk fails If blk_alloc_disk fails, the variable md->disk is set to an erro... • https://git.kernel.org/stable/c/d7aec2a06730b774a97caaf48cbbc58330a85829 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50267 – USB: serial: io_edgeport: fix use after free in debug printk
https://notcve.org/view.php?id=CVE-2024-50267
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue. In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb... • https://git.kernel.org/stable/c/984f68683298ba53af32f909de1f9452fbb37ccb • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50265 – ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()
https://notcve.org/view.php?id=CVE-2024-50265
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Syzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove(): [ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12 [ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry [ 57.321727] BUG: kernel NULL pointer dereference, address... • https://git.kernel.org/stable/c/399ff3a748cf4c8c853e96dd477153202636527b •