CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56586 – f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode.
https://notcve.org/view.php?id=CVE-2024-56586
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. creating a large files during checkpoint disable until it runs out of space and then delete it, then remount to enable checkpoint again, and then unmount the filesystem triggers the f2fs_bug_on as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/inode.c:896! CPU: 2 UID: 0 PID: 1286 Comm: umount Not tainted 6.11.0-rc7-dirty #360 Oops: invalid opcode: 0... • https://git.kernel.org/stable/c/ac8aaf78bd039fa1be0acaa8e84a56499f79d721 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56585 – LoongArch: Fix sleeping in atomic context for PREEMPT_RT
https://notcve.org/view.php?id=CVE-2024-56585
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix sleeping in atomic context for PREEMPT_RT Commit bab1c299f3945ffe79 ("LoongArch: Fix sleeping in atomic context in setup_tlb_handler()") changes the gfp flag from GFP_KERNEL to GFP_ATOMIC for alloc_pages_node(). However, for PREEMPT_RT kernels we can still get a "sleeping in atomic context" error: [ 0.372259] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 0.372266] in_atomic(): 1, irqs... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56584 – io_uring/tctx: work around xa_store() allocation error issue
https://notcve.org/view.php?id=CVE-2024-56584
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring/tctx: work around xa_store() allocation error issue syzbot triggered the following WARN_ON: WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51 which is the WARN_ON_ONCE(!xa_empty(&tctx->xa)); sanity check in __io_uring_free() when a io_uring_task is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xa_store() can fail... • https://git.kernel.org/stable/c/94ad56f61b873ffeebcc620d451eacfbdf9d40f0 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56583 – sched/deadline: Fix warning in migrate_enable for boosted tasks
https://notcve.org/view.php?id=CVE-2024-56583
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrate_enable for boosted tasks When running the following command: while true; do stress-ng --cyclic 30 --timeout 30s --minimize --quiet done a warning is eventually triggered: WARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794 setup_new_dl_entity+0x13e/0x180 ... Call Trace: <TASK> ? show_trace_log_lvl+0x1c4/0x2df ? enqueue_dl_entity+0x631/0x6e0 ? setup_new_dl_entity+0x13e/0x180 ? __warn+0x7e/0xd0 ? • https://git.kernel.org/stable/c/295d6d5e373607729bcc8182c25afe964655714f •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56582 – btrfs: fix use-after-free in btrfs_encoded_read_endio()
https://notcve.org/view.php?id=CVE-2024-56582
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN: slab-use-after-free in lock_release+0x708/0x780 Read of size 8 at addr ffff888106a83f18 by task kworker/u80:6/219 CPU: 8 UID: 0 PID: 219 Comm: kworker/u80:6 Not tainted 6.12.0-rc6-kts+ #15 Hardware name: Supermicro Super Serv... • https://git.kernel.org/stable/c/1881fba89bd5dcd364d2e1bf561912a90a11c21a •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56581 – btrfs: ref-verify: fix use-after-free after invalid ref action
https://notcve.org/view.php?id=CVE-2024-56581
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF, we error out and free the ref entry without removing it from the block entry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call btrfs_free_ref_cache... • https://git.kernel.org/stable/c/fd708b81d972a0714b02a60eb4792fdbf15868c4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56580 – media: qcom: camss: fix error path on configuration of power domains
https://notcve.org/view.php?id=CVE-2024-56580
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: fix error path on configuration of power domains There is a chance to meet runtime issues during configuration of CAMSS power domains, because on the error path dev_pm_domain_detach() is unexpectedly called with NULL or error pointer. One of the simplest ways to reproduce the problem is to probe CAMSS driver before registration of CAMSS power domains, for instance if a platform CAMCC driver is simply not built. Warning b... • https://git.kernel.org/stable/c/23aa4f0cd3273b269560a9236c48b43a3982ac13 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56579 – media: amphion: Set video drvdata before register video device
https://notcve.org/view.php?id=CVE-2024-56579
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to oops. In the Linux kernel, the following vulnerability has been resolved: media: amphion: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata()... • https://git.kernel.org/stable/c/3cd084519c6f91cbef9d604bcf26844fa81d4922 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56578 – media: imx-jpeg: Set video drvdata before register video device
https://notcve.org/view.php?id=CVE-2024-56578
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata() may return NULL in the open() file ops, and led to oops. In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Set video drvdata before register video device The video drvdata should be set before the video device is registered, otherwise video_drvdata... • https://git.kernel.org/stable/c/2db16c6ed72ce644d5639b3ed15e5817442db4ba •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56577 – media: mtk-jpeg: Fix null-ptr-deref during unload module
https://notcve.org/view.php?id=CVE-2024-56577
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit 09aea13ecf6f ("media: mtk-jpeg: refactor some variables"), otherwise the below calltrace can be easily triggered. [ 677.862514] Unable to handle kernel paging request at virtual address dfff800000000023 [ 677.863633] KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f] ... [ 677.879654] CPU: 6 PID: 107... • https://git.kernel.org/stable/c/09aea13ecf6f89ed7f18114953695563f64f461c •