CVE-2024-42279 – spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer
https://notcve.org/view.php?id=CVE-2024-42279
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to be emptied in the interrupt handler. A subsequent transfer could then read crap from the previous transfer out of the RX FIFO into the start RX buffer. The core provides a register that will empty the RX and TX FIFOs, so do that before each transfer. • https://git.kernel.org/stable/c/9ac8d17694b66d54b13e9718b25c14ca36dbebbd https://git.kernel.org/stable/c/3feda3677e8bbe833c3a62a4091377a08f015b80 https://git.kernel.org/stable/c/45e03d35229b680b79dfea1103a1f2f07d0b5d75 https://git.kernel.org/stable/c/9cf71eb0faef4bff01df4264841b8465382d7927 •
CVE-2024-42278 – ASoC: TAS2781: Fix tasdev_load_calibrated_data()
https://notcve.org/view.php?id=CVE-2024-42278
In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data() This function has a reversed if statement so it's either a no-op or it leads to a NULL dereference. • https://git.kernel.org/stable/c/57847c2ec5fb5e951fe9028f9e587e3e878d9129 https://git.kernel.org/stable/c/b195acf5266d2dee4067f89345c3e6b88d925311 https://git.kernel.org/stable/c/ddcf2bb619e3955f0e372d4bd8558758fd56303f https://git.kernel.org/stable/c/6d98741dbd1309a6f2d7cffbb10a8f036ec3ca06 https://git.kernel.org/stable/c/51be301d29d674ff328dfcf23705851f326f35b3 https://git.kernel.org/stable/c/92c78222168e9035a9bfb8841c2e56ce23e51f73 •
CVE-2024-42277 – iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en
https://notcve.org/view.php?id=CVE-2024-42277
In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en In sprd_iommu_cleanup() before calling function sprd_iommu_hw_en() dom->sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/92c089a931fd3939cd32318cf4f54e69e8f51a19 https://git.kernel.org/stable/c/8745f3592ee4a7b49ede16ddd3f12a41ecaa23c9 https://git.kernel.org/stable/c/9afea57384d4ae7b2034593eac7fa76c7122762a https://git.kernel.org/stable/c/d0a917fd5e3b3ed9d9306b4260ba684b982da9f3 https://git.kernel.org/stable/c/8c79ceb4ecf823e6ec10fee6febb0fca3de79922 https://git.kernel.org/stable/c/dfe90030a0cfa26dca4cb6510de28920e5ad22fb https://git.kernel.org/stable/c/b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb https://git.kernel.org/stable/c/d5fe884ce28c5005f8582c35333c195a1 •
CVE-2024-42276 – nvme-pci: add missing condition check for existence of mapped data
https://notcve.org/view.php?id=CVE-2024-42276
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference. • https://git.kernel.org/stable/c/4aedb705437f6f98b45f45c394e6803ca67abd33 https://git.kernel.org/stable/c/3f8ec1d6b0ebd8268307d52be8301973fa5a01ec https://git.kernel.org/stable/c/be23ae63080e0bf9e246ab20207200bca6585eba https://git.kernel.org/stable/c/7cc1f4cd90a00b6191cb8cda2d1302fdce59361c https://git.kernel.org/stable/c/d135c3352f7c947a922da93c8e763ee6bc208b64 https://git.kernel.org/stable/c/77848b379e9f85a08048a2c8b3b4a7e8396f5f83 https://git.kernel.org/stable/c/70100fe721840bf6d8e5abd25b8bffe4d2e049b7 https://git.kernel.org/stable/c/c31fad1470389666ac7169fe43aa65bf5 •
CVE-2023-52889 – apparmor: Fix null pointer deref when receiving skb during sock creation
https://notcve.org/view.php?id=CVE-2023-52889
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SK_CTX(sk)->label is updated in apparmor_socket_post_create(), but the packet is delivered to the socket before that, causing the null pointer dereference. Drop the packet if label context is not set. BUG: kernel NULL pointer dereference, address: 000000000000004c #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 407 Comm: a.out Not tainted 6.4.12-arch1-1 #1 3e6fa2753a2d75925c34ecb78e22e85a65d083df Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/28/2020 RIP: 0010:aa_label_next_confined+0xb/0x40 Code: 00 00 48 89 ef e8 d5 25 0c 00 e9 66 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 89 f0 <8b> 77 4c 39 c6 7e 1f 48 63 d0 48 8d 14 d7 eb 0b 83 c0 01 48 83 c2 RSP: 0018:ffffa92940003b08 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000e RDX: ffffa92940003be8 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff8b57471e7800 R08: ffff8b574c642400 R09: 0000000000000002 R10: ffffffffbd820eeb R11: ffffffffbeb7ff00 R12: ffff8b574c642400 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000000 FS: 00007fb092ea7640(0000) GS:ffff8b577bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000004c CR3: 00000001020f2005 CR4: 00000000007706f0 PKRU: 55555554 Call Trace: <IRQ> ? __die+0x23/0x70 ? page_fault_oops+0x171/0x4e0 ? • https://git.kernel.org/stable/c/ab9f2115081ab7ba63b77a759e0f3eb5d6463d7f https://git.kernel.org/stable/c/0abe35bc48d4ec80424b1f4b3560c0e082cbd5c1 https://git.kernel.org/stable/c/347dcb84a4874b5fb375092c08d8cc4069b94f81 https://git.kernel.org/stable/c/290a6b88e8c19b6636ed1acc733d1458206f7697 https://git.kernel.org/stable/c/ead2ad1d9f045f26fdce3ef1644913b3a6cd38f2 https://git.kernel.org/stable/c/6c920754f62cefc63fccdc38a062c7c3452e2961 https://git.kernel.org/stable/c/46c17ead5b7389e22e7dc9903fd0ba865d05bda2 https://git.kernel.org/stable/c/fce09ea314505a52f2436397608fa0a5d •