CVSS: -EPSS: 0%CPEs: 11EXPL: 0CVE-2024-36959 – pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
https://notcve.org/view.php?id=CVE-2024-36959
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we call it directly. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: pinctrl: devicetree: corrige la fuga de recuento de referencia en pinctrl_dt_to_map() Si no asignamos el búfer de nombre de propiedad, debemos eliminar el recuento de referencias que acabamos de tomar. Debido a que pinctrl_dt_free_maps() incluye la operación de eliminación, aquí la llamamos directamente. • https://git.kernel.org/stable/c/a988dcd3dd9e691c5ccc3324b209688f3b5453e9 https://git.kernel.org/stable/c/040f726fecd88121f3b95e70369785ad452dddf9 https://git.kernel.org/stable/c/777430aa4ddccaa5accec6db90ffc1d47f00d471 https://git.kernel.org/stable/c/97e5b508e96176f1a73888ed89df396d7041bfcb https://git.kernel.org/stable/c/91d5c5060ee24fe8da88cd585bb43b843d2f0dce https://git.kernel.org/stable/c/aaf552c5d53abe4659176e099575fe870d2e4768 https://git.kernel.org/stable/c/b4d9f55cd38435358bc16d580612bc0d798d7b4c https://git.kernel.org/stable/c/5834a3a98cd266ad35a229923c0adbd0a •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-36957 – octeontx2-af: avoid off-by-one read from userspace
https://notcve.org/view.php?id=CVE-2024-36957
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified to be okay to access. To ensure the copied buffer is NUL terminated, we use memdup_user_nul instead. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: octeontx2-af: evitar lecturas uno por uno desde el espacio de usuario Intentamos acceder al recuento + 1 byte desde el espacio de usuario con memdup_user (búfer, recuento + 1). Sin embargo, el espacio de usuario solo proporciona un búfer de bytes de recuento y solo se verifica que se puede acceder a estos bytes de recuento. • https://git.kernel.org/stable/c/dae49384d0d7695540e2d75168f323cef1384810 https://git.kernel.org/stable/c/3a2eb515d1367c0f667b76089a6e727279c688b8 https://git.kernel.org/stable/c/c9a2ed3fdd037314a71e6a6ba5d99a3605f6f9c7 https://git.kernel.org/stable/c/bcdac70adceb44373da204c3c297f2a98e13216e https://git.kernel.org/stable/c/ec697fbd38cbe2eef0948b58673b146caa95402f https://git.kernel.org/stable/c/8f11fe3ea3fc261640cfc8a5addd838000407c67 https://git.kernel.org/stable/c/0a0285cee11c7dcc2657bcd456e469958a5009e7 https://git.kernel.org/stable/c/fc3e0076c1f82fe981d321e3a7bad4cbe • CWE-193: Off-by-one Error •
CVSS: 7.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36955 – ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
https://notcve.org/view.php?id=CVE-2024-36955
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() The documentation for device_get_named_child_node() mentions this important point: " The caller is responsible for calling fwnode_handle_put() on the returned fwnode pointer. " Add fwnode_handle_put() to avoid a leaked reference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: hda: intel-sdw-acpi: corrige el uso de device_get_named_child_node() La documentación para device_get_named_child_node() menciona este punto importante: "La persona que llama es responsable de llamar a fwnode_handle_put() en el puntero fwnode devuelto. "Agregue fwnode_handle_put() para evitar una referencia filtrada. • https://git.kernel.org/stable/c/08c2a4bc9f2acaefbd0158866db5cb3238a68674 https://git.kernel.org/stable/c/bd2d9641a39e6b5244230c4b41c4aca83b54b377 https://git.kernel.org/stable/c/722d33c442e66e4aabd3e778958d696ff3a2777e https://git.kernel.org/stable/c/7db626d2730d3d80fd31638169054b1e507f07bf https://git.kernel.org/stable/c/7ef6ecf98ce309b1f4e5a25cddd5965d01feea07 https://git.kernel.org/stable/c/c158cf914713efc3bcdc25680c7156c48c12ef6a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-36954 – tipc: fix a possible memleak in tipc_buf_append
https://notcve.org/view.php?id=CVE-2024-36954
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipc_buf_append __skb_linearize() doesn't free the skb when it fails, so move '*buf = NULL' after __skb_linearize(), so that the skb can be freed on the err path. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: soluciona un posible memleak en tipc_buf_append __skb_linearize() no libera el skb cuando falla, así que mueve '*buf = NULL' después de __skb_linearize(), para que el skb se puede liberar en la ruta de error. • https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966 https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026 https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f3 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-36953 – KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
https://notcve.org/view.php?id=CVE-2024-36953
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled gracefully. Similar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: KVM: arm64: vgic-v2: Verifique vCPU que no sea NULL en vgic_v2_parse_attr() vgic_v2_parse_attr() es responsable de encontrar la vCPU que coincida con el CPUID proporcionado por el usuario, que (de curso) puede no ser válido. Si el ID no es válido, kvm_get_vcpu_by_id() devuelve NULL, que no se maneja correctamente. De manera similar al flujo de uaccess de GICv3, verifique que kvm_get_vcpu_by_id() realmente devuelva algo y falle el ioctl si no. • https://git.kernel.org/stable/c/7d450e2821710718fd6703e9c486249cee913bab https://git.kernel.org/stable/c/4404465a1bee3607ad90a4c5f9e16dfd75b85728 https://git.kernel.org/stable/c/17db92da8be5dd3bf63c01f4109fe47db64fc66f https://git.kernel.org/stable/c/3a5b0378ac6776c7c31b18e0f3c1389bd6005e80 https://git.kernel.org/stable/c/8d6a1c8e3de36cb0f5e866f1a582b00939e23104 https://git.kernel.org/stable/c/01981276d64e542c177b243f7c979fee855d5487 https://git.kernel.org/stable/c/6ddb4f372fc63210034b903d96ebbeb3c7195adb https://lists.debian.org/debian-lts-announce/2024/06/ • CWE-158: Improper Neutralization of Null Byte or NUL Character •