CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40997 – cpufreq: amd-pstate: fix memory leak on CPU EPP exit
https://notcve.org/view.php?id=CVE-2024-40997
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so fix that. [ rjw: Subject and changelog edits ] In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so f... • https://git.kernel.org/stable/c/448efb7ea0bfa2c4e27c5a2eb5684fd225cd12cd • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40996 – bpf: Avoid splat in pskb_pull_reason
https://notcve.org/view.php?id=CVE-2024-40996
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskb_pull_reason syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug hint in pskb_may_pull. We'd like to retain this debug check because it might hint at integer overflows and other issues (kernel code should pull headers, not huge value). In bpf case, this splat isn't interesting at all: such (nonsensical) bpf programs are typically generated by a fuzzer anyway. Do what Eric suggested and suppress such warn... • https://git.kernel.org/stable/c/8af60bb2b215f478b886f1d6d302fefa7f0b917d •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-40995 – net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
https://notcve.org/view.php?id=CVE-2024-40995
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() syzbot found hanging tasks waiting on rtnl_lock [1] A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, the second request will block forever on the first request. This holds rtnl_lock, and causes tasks to hang. Return -EAGAIN to prevent infinite looping, while keeping documented behavior. [1] INFO: task kwork... • https://git.kernel.org/stable/c/0190c1d452a91c38a3462abdd81752be1b9006a8 • CWE-833: Deadlock •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40994 – ptp: fix integer overflow in max_vclocks_store
https://notcve.org/view.php?id=CVE-2024-40994
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. • https://git.kernel.org/stable/c/44c494c8e30e35713c7d11ca3c5ab332cbfabacf •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40993 – netfilter: ipset: Fix suspicious rcu_dereference_protected()
https://notcve.org/view.php?id=CVE-2024-40993
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase or are executing a "destroy all sets command" from userspace. The latter was taken into account in ip_set_dereference() (nfnetlink mutex is held), but the former was not. The patch adds the required check to rcu_dereference_protected() in ip_set_dereference(). In the Linux kernel, the following vulnerability has been res... • https://git.kernel.org/stable/c/390b353d1a1da3e9c6c0fd14fe650d69063c95d6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-40990 – RDMA/mlx5: Add check for srq max_sge attribute
https://notcve.org/view.php?id=CVE-2024-40990
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq max_sge attribute max_sge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq max_sge attribute max_sge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum a... • https://git.kernel.org/stable/c/e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40989 – KVM: arm64: Disassociate vcpus from redistributor region on teardown
https://notcve.org/view.php?id=CVE-2024-40989
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu. A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory co... • https://git.kernel.org/stable/c/e5a35635464bc5304674b84ea42615a3fd0bd949 • CWE-825: Expired Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40988 – drm/radeon: fix UBSAN warning in kv_dpm.c
https://notcve.org/view.php?id=CVE-2024-40988
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. • https://git.kernel.org/stable/c/07e8f15fa16695cf4c90e89854e59af4a760055b • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40987 – drm/amdgpu: fix UBSAN warning in kv_dpm.c
https://notcve.org/view.php?id=CVE-2024-40987
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. • https://git.kernel.org/stable/c/4ad7d49059358ceadd352b4e2511425bdb68f400 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40984 – ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
https://notcve.org/view.php?id=CVE-2024-40984
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Undo the modifications made in commit d410ee5109a1 ("ACPICA: avoid "Info: mapping multiple BARs. Your kernel is fine.""). The initial purpose of this commit was to stop memory mappings for operation regions from overlapping page boundaries, as it can trigger warnings if different page attributes are present. • https://git.kernel.org/stable/c/d410ee5109a1633a686a5663c6743a92e1181f9b • CWE-476: NULL Pointer Dereference •