CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56584 – io_uring/tctx: work around xa_store() allocation error issue
https://notcve.org/view.php?id=CVE-2024-56584
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring/tctx: work around xa_store() allocation error issue syzbot triggered the following WARN_ON: WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51 which is the WARN_ON_ONCE(!xa_empty(&tctx->xa)); sanity check in __io_uring_free() when a io_uring_task is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xa_store() ca... • https://git.kernel.org/stable/c/94ad56f61b873ffeebcc620d451eacfbdf9d40f0 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56583 – sched/deadline: Fix warning in migrate_enable for boosted tasks
https://notcve.org/view.php?id=CVE-2024-56583
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrate_enable for boosted tasks When running the following command: while true; do stress-ng --cyclic 30 --timeout 30s --minimize --quiet done a warning is eventually triggered: WARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794 setup_new_dl_entity+0x13e/0x180 ... Call Trace:
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56582 – btrfs: fix use-after-free in btrfs_encoded_read_endio()
https://notcve.org/view.php?id=CVE-2024-56582
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN: slab-use-after-free in lock_release+0x708/0x780 Read of size 8 at addr ffff888106a83f18 by task kworker/u80:6/219 CPU: 8 UID: 0 PID: 219 Comm: kworker/u80:6 Not tainted 6.12.0-rc6-kts+ #15 Hardware name: Supermicr... • https://git.kernel.org/stable/c/1881fba89bd5dcd364d2e1bf561912a90a11c21a •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56581 – btrfs: ref-verify: fix use-after-free after invalid ref action
https://notcve.org/view.php?id=CVE-2024-56581
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF, we error out and free the ref entry without removing it from the block entry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call btrfs_free_ref_cac... • https://git.kernel.org/stable/c/fd708b81d972a0714b02a60eb4792fdbf15868c4 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56579 – media: amphion: Set video drvdata before register video device
https://notcve.org/view.php?id=CVE-2024-56579
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to oops. • https://git.kernel.org/stable/c/3cd084519c6f91cbef9d604bcf26844fa81d4922 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56578 – media: imx-jpeg: Set video drvdata before register video device
https://notcve.org/view.php?id=CVE-2024-56578
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to oops. • https://git.kernel.org/stable/c/2db16c6ed72ce644d5639b3ed15e5817442db4ba •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56577 – media: mtk-jpeg: Fix null-ptr-deref during unload module
https://notcve.org/view.php?id=CVE-2024-56577
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit 09aea13ecf6f ("media: mtk-jpeg: refactor some variables"), otherwise the below calltrace can be easily triggered. [ 677.862514] Unable to handle kernel paging request at virtual address dfff800000000023 [ 677.863633] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] ... [ 677.879654] CPU: 6 PI... • https://git.kernel.org/stable/c/09aea13ecf6f89ed7f18114953695563f64f461c •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56576 – media: i2c: tc358743: Fix crash in the probe error path when using polling
https://notcve.org/view.php?id=CVE-2024-56576
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called with arguments that are already freed, which results in a crash. ------------[ cut here ]------------ WARNING: CPU: 3 PID: 0 at kernel/time/timer.c:1830 __run_timers+0x244/0x268 Modules linked in: CPU: 3 UID: 0 PID: 0 Comm: swapper... • https://git.kernel.org/stable/c/4e66a52a2e4c832dfa35a39204d0f7ce717d4a4a •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56575 – media: imx-jpeg: Ensure power suppliers be suspended before detach them
https://notcve.org/view.php?id=CVE-2024-56575
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, dev_pm_domain_detach() requires the caller to ensure proper synchronization of this function with power management callbacks. otherwise the detach may led to kernel panic, like below: [ 1457.107934] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040 [ 1457.116777] Me... • https://git.kernel.org/stable/c/2db16c6ed72ce644d5639b3ed15e5817442db4ba •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56574 – media: ts2020: fix null-ptr-deref in ts2020_probe()
https://notcve.org/view.php?id=CVE-2024-56574
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ts2020: fix null-ptr-deref in ts2020_probe() KASAN reported a null-ptr-deref issue when executing the following command: # echo ts2020 0x20 > /sys/bus/i2c/devices/i2c-0/new_device KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] CPU: 53 UID: 0 PID: 970 Comm: systemd-udevd Not tainted 6.12.0-rc2+ #24 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) RIP: 0010:ts2020_probe+0xad/0xe10 [ts2020]... • https://git.kernel.org/stable/c/dc245a5f9b5163511e0c164c8aa47848f07b75a9 •