CVE-2024-50289 – media: av7110: fix a spectre vulnerability
https://notcve.org/view.php?id=CVE-2024-50289
In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. Fix it. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 https://git.kernel.org/stable/c/f3927206c478bd249c225414f7a751752a30e7b9 https://git.kernel.org/stable/c/458ea1c0be991573ec436aa0afa23baacfae101a •
CVE-2024-50287 – media: v4l2-tpg: prevent the risk of a division by zero
https://notcve.org/view.php?id=CVE-2024-50287
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpg_precalculate_line() blindly rescales the buffer even when scaled_witdh is equal to zero. If this ever happens, this will cause a division by zero. Instead, add a WARN_ON_ONCE() to trigger such cases and return without doing any precalculation. • https://git.kernel.org/stable/c/63881df94d3ecbb0deafa0b77da62ff2f32961c4 https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715 https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565 https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47 https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47 https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0 •
CVE-2024-50286 – ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
https://notcve.org/view.php?id=CVE-2024-50286
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf https://git.kernel.org/stable/c/f56446ba5378d19e31040b548a14ee9a8f1500ea https://git.kernel.org/stable/c/e923503a56b3385b64ae492e3225e4623f560c5b https://git.kernel.org/stable/c/e7a2ad2044377853cf8c59528dac808a08a99c72 https://git.kernel.org/stable/c/0a77715db22611df50b178374c51e2ba0d58866e •
CVE-2024-50285 – ksmbd: check outstanding simultaneous SMB operations
https://notcve.org/view.php?id=CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cacheā. It will cause OOM issue. ksmbd has a credit mechanism but it can't handle this problem. This patch add the check if it exceeds max credits to prevent this problem by assuming that one smb request consumes at least one credit. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is not required to exploit this vulnerability. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf https://git.kernel.org/stable/c/1f993777275cbd8f74765c4f9d9285cb907c9be5 https://git.kernel.org/stable/c/e257ac6fe138623cf59fca8898abdf659dbc8356 https://git.kernel.org/stable/c/0a77d947f599b1f39065015bec99390d0c0022ee •
CVE-2024-50284 – ksmbd: Fix the missing xa_store error check
https://notcve.org/view.php?id=CVE-2024-50284
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing xa_store error check xa_store() can fail, it return xa_err(-EINVAL) if the entry cannot be stored in an XArray, or xa_err(-ENOMEM) if memory allocation failed, so check error for xa_store() to fix it. • https://git.kernel.org/stable/c/052b41ef2abe274f068e892aee81406f11bd1f3a https://git.kernel.org/stable/c/b685757c7b08d5073046fb379be965fd6c06aafc https://git.kernel.org/stable/c/1f485b54d04a920723984062c912174330a05178 https://git.kernel.org/stable/c/d8664ce789bd46290c59a00da6897252f92c237d https://git.kernel.org/stable/c/726c1568b9145fa13ee248df184b186c382a7ff8 https://git.kernel.org/stable/c/c2a232c4f790f4bcd4d218904c56ac7a39a448f5 https://git.kernel.org/stable/c/3abab905b14f4ba756d413f37f1fb02b708eee93 •