CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42230 – powerpc/pseries: Fix scv instruction crash with kexec
https://notcve.org/view.php?id=CVE-2024-42230
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix scv instruction crash with kexec kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before other CPUs have been shut down. This means they can execute scv instructions after AIL is disabled, which causes an interrupt at an unexpected entry location that crashes the kernel. Change the kexec sequence to disable AIL after other CPUs have been brought down. As a refresher, the real-mode scv ... • https://git.kernel.org/stable/c/7fa95f9adaee7e5cbb195d3359741120829e488b •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42229 – crypto: aead,cipher - zeroize key buffer after use
https://notcve.org/view.php?id=CVE-2024-42229
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using kfree_sensitive for buffers that previously held the private key. In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies t... • https://git.kernel.org/stable/c/89b9b6fa4463daf820e6a5ef65c3b0c2db239513 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42228 – drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc
https://notcve.org/view.php?id=CVE-2024-42228
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Initialize the size before calling amdgpu_vce_cs_reloc, such as case 0x03000001. V2: To really improve the handling we would actually need to have a separate value of 0xffffffff.(Christian) A vulnerability was found in the Linux kernel's amdgpu driver in the amdgpu_vce_ring_parse_cs() function where the size variable is initialized with a pointer that may not be pr... • https://git.kernel.org/stable/c/d35cf41c8eb5d9fe95b21ae6ee2910f9ba4878e8 • CWE-457: Use of Uninitialized Variable •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42227 – drm/amd/display: Fix overlapping copy within dml_core_mode_programming
https://notcve.org/view.php?id=CVE-2024-42227
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dml_core_mode_programming [WHY] &mode_lib->mp.Watermark and &locals->Watermark are the same address. memcpy may lead to unexpected behavior. [HOW] memmove should be used. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dml_core_mode_programming [WHY] &mode_lib->mp.Watermark and &locals->Watermark are the same address. memcpy may lea... • https://git.kernel.org/stable/c/9342da15f2491d8600eca89c8e0da08876fb969b •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42225 – wifi: mt76: replace skb_put with skb_put_zero
https://notcve.org/view.php?id=CVE-2024-42225
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data A potential flaw was found in the Linux kernel’s MediaTek WiFi, where it was reusing uninitialized data. This flaw allows a local user to gain unauthorized access to some data potentially. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled befor... • https://git.kernel.org/stable/c/dc7f14d00d0c4c21898f3504607f4a31079065a2 • CWE-457: Use of Uninitialized Variable •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42224 – net: dsa: mv88e6xxx: Correct check for empty list
https://notcve.org/view.php?id=CVE-2024-42224
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("net: dsa: mv88e6xxx: Support multiple MDIO busses") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_entry() is non-NULL. This appears to be intended to guard against the list chip->mdios being empty. However, it is not the correct check as the implementation of list_first_entry is not designed to return NULL for empty lists. Instead, u... • https://git.kernel.org/stable/c/47d28dde172696031c880c5778633cdca30394ee •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42223 – media: dvb-frontends: tda10048: Fix integer overflow
https://notcve.org/view.php?id=CVE-2024-42223
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations. In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new ... • https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42162 – gve: Account for stopped queues when reading NIC stats
https://notcve.org/view.php?id=CVE-2024-42162
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid access on the priv->stats_report->stats array. In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a su... • https://git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62 •
CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42161 – bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
https://notcve.org/view.php?id=CVE-2024-42161
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_READ_BITFIELD macro, defined in bpf_core_read.h as: [...] unsigned long long val; \ [...] \ switch (__CORE_RELO(s, field, BYTE_SIZE)) { \ case 1: val = *(const unsigned char *)p; break; \ case 2: val = *(const unsigned short *)p; break; \... • https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42160 – f2fs: check validation of fault attrs in f2fs_build_fault_attr()
https://notcve.org/view.php?id=CVE-2024-42160
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in parse_options(), let's fix to add check condition in f2fs_build_fault_attr(). - Use f2fs_build_fault_attr() in __sbi_store() to clean up code. In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in par... • https://git.kernel.org/stable/c/bc84dd2c33e0c10fd90d60f0cfc0bfb504d4692d •