CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47618 – ARM: 9170/1: fix panic when kasan and kprobe are enabled
https://notcve.org/view.php?id=CVE-2021-47618
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing instruction simulation, it is necessary to construct assembly function execution environment in C language through binding registers. after kasan is enabled, the register binding relationship will be destroyed, resulting... • https://git.kernel.org/stable/c/35aa1df4328340f38edc46f00837f08d33d49f63 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47617 – PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
https://notcve.org/view.php?id=CVE-2021-47617
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot power. Per PCIe r5.0, sec. 6.7.1.8: If a power controller detects a main power fault on the hot-plug slot, it must automatically set its internal main power fault latch [...]. The main power fault latch is cleared when... • https://git.kernel.org/stable/c/a8cc52270f3d8e8f4faf01ffd6c4a95bbfb55ba4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38620 – Bluetooth: HCI: Remove HCI_AMP support
https://notcve.org/view.php?id=CVE-2024-38620
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Remove HCI_AMP support Since BT_HS has been remove HCI_AMP controllers no longer has any use so remove it along with the capability of creating AMP controllers. Since we no longer need to differentiate between AMP and Primary controllers, as only HCI_PRIMARY is left, this also remove hdev->dev_type altogether. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: HCI: eliminar la compatibilidad con HCI_A... • https://git.kernel.org/stable/c/244bc377591c3882f454882357bc730c90cbedb5 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38619 – usb-storage: alauda: Check whether the media is initialized
https://notcve.org/view.php?id=CVE-2024-38619
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). - Add a member "media_initialized" to struct alauda_info. - Change a condition in alauda_check_media() to ensure the first initialization. - Add an error check for the return value of alauda_init_media(). En el kern... • https://git.kernel.org/stable/c/e80b0fade09ef1ee67b0898d480d4c588f124d5f • CWE-457: Use of Uninitialized Variable •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38618 – ALSA: timer: Set lower bound of start tick time
https://notcve.org/view.php?id=CVE-2024-38618
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit of the start tick time, and it allows a very small size, e.g. 1 tick with 1ns resolution for hrtimer. Such a situation may lead to an unexpected RCU stall, where the callback repeatedly queuing the expire update, as reported by fuzzer. This patch introduces a sanity check of the timer start tick time, so that the system returns an error when a ... • https://git.kernel.org/stable/c/68396c825c43664b20a3a1ba546844deb2b4e48f • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38615 – cpufreq: exit() callback is optional
https://notcve.org/view.php?id=CVE-2024-38615
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't present. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cpufreq: la devolución de llamada exit() es opcional La devolución de llamada exit() es opcional y no debe llamarse sin verificar primero un puntero válido. Ademá... • https://git.kernel.org/stable/c/91a12e91dc39137906d929a4ff6f9c32c59697fa • CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38613 – m68k: Fix spinlock race in kernel thread creation
https://notcve.org/view.php?id=CVE-2024-38613
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the correct lock owner across the switch from 'prev' to 'next' tasks. This does rely on interrupts remaining disabled for the entire duration of the switch. This condition is guaranteed for normal process creation and context switching between already running processes, because both 'prev' and 'next' already have interrupts disabled in their saved c... • https://git.kernel.org/stable/c/533e6903bea0440816a0f517b0845ccea4cc7917 •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38612 – ipv6: sr: fix invalid unregister error path
https://notcve.org/view.php?id=CVE-2024-38612
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn't called. This issue exist since commit 46738b1317e1 ("ipv6: sr: add option to control lwtunnel support"), and commit 5559cea2d5aa ("ipv6: sr: fix possible use-after-free and null-ptr-deref") replaced unregister_pernet_subsys() with genl_... • https://git.kernel.org/stable/c/46738b1317e169b281ad74690276916e24d1be6d • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38611 – media: i2c: et8ek8: Don't strip remove function when driver is builtin
https://notcve.org/view.php?id=CVE-2024-38611
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_VIDEO_ET8EK8=y. When such a device gets unbound (e.g. using sysfs or hotplug), the driver is just removed without the cleanup being performed. This results in resource leaks. Fix it by compiling in the remove callback unconditionally. This also fixes a W=1 modpost warning: WAR... • https://git.kernel.org/stable/c/c5254e72b8edc2ca0a98703e92e8c34959343d2c •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38610 – drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()
https://notcve.org/view.php?id=CVE-2024-38610
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() Patch series "mm: follow_pte() improvements and acrn follow_pte() fixes". Patch #1 fixes a bunch of issues I spotted in the acrn driver. It compiles, that's all I know. I'll appreciate some review and testing from acrn folks. Patch #2+#3 improve follow_pte(), passing a VMA instead of the MM, adding more sanity checks, and improving the documentation. • https://git.kernel.org/stable/c/b9c43aa0b18da5619aac347d54cb67fe30d1f884 •