CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42264 – drm/v3d: Prevent out of bounds access in performance query extensions
https://notcve.org/view.php?id=CVE-2024-42264
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into. (cherry picked from commit f32b5128d2c440368b5bf3a7a356823e235caabb) In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensi... • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42263 – drm/v3d: Fix potential memory leak in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42263
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e) In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory ... • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42262 – drm/v3d: Fix potential memory leak in the performance extension
https://notcve.org/view.php?id=CVE-2024-42262
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501) In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memor... • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42261 – drm/v3d: Validate passed in drm syncobj handles in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42261
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3) In the Linux kernel, the following vulnerability... • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42260 – drm/v3d: Validate passed in drm syncobj handles in the performance extension
https://notcve.org/view.php?id=CVE-2024-42260
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit a546b7e4d73c23838d7e4d2c92882b3ca902d213) In the Linux kernel, the following vulnerabili... • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42259 – drm/i915/gem: Fix Virtual Memory mapping boundaries calculation
https://notcve.org/view.php?id=CVE-2024-42259
14 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritt... • https://git.kernel.org/stable/c/c58305af1835095ddc25ee6f548ac05915e66ac5 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42258 – mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines
https://notcve.org/view.php?id=CVE-2024-42258
12 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT. !CONFIG_64BIT should cover all 32 bit machines. [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@mail.gmail.com/ In th... • https://git.kernel.org/stable/c/87632bc9ecff5ded93433bc0fca428019bdd1cfe •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42257 – ext4: use memtostr_pad() for s_volume_name
https://notcve.org/view.php?id=CVE-2024-42257
08 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostr_pad() for s_volume_name As with the other strings in struct ext4_super_block, s_volume_name is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 ("ext4: add nonstring annotations to ext4.h"). Using strscpy() isn't the right replacement for strncpy(); it should use memtostr_pad() instead. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: use memtostr_pad() para s_volume_name Al ig... • https://git.kernel.org/stable/c/744a56389f7398f286231e062c2e63f0de01bcc6 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42256 – cifs: Fix server re-repick on subrequest retry
https://notcve.org/view.php?id=CVE-2024-42256
08 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifs_prepare_write() which will make cifs repick the server for the op before renegotiating credits; it then calls cifs_issue_write() which invokes smb2_async_writev() - which re-repicks the server. If a different server is then selected, this causes the increment of server->in_flight to happen against one record and the decrement t... • https://git.kernel.org/stable/c/3ee1a1fc39819906f04d6c62c180e760cd3a689d •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42255 – tpm: Use auth only after NULL check in tpm_buf_check_hmac_response()
https://notcve.org/view.php?id=CVE-2024-42255
08 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: tpm: Use auth only after NULL check in tpm_buf_check_hmac_response() Dereference auth after NULL check in tpm_buf_check_hmac_response(). Otherwise, unless tpm2_sessions_init() was called, a call can cause NULL dereference, when TCG_TPM2_HMAC is enabled. [jarkko: adjusted the commit message.] En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tpm: use autenticación solo después de la verificación NULL en tpm_buf_check_hmac_re... • https://git.kernel.org/stable/c/7ca110f2679b7d1f3ac1afc90e6ffbf0af3edf0d •