CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43861 – net: usb: qmi_wwan: fix memory leak for not ip packets
https://notcve.org/view.php?id=CVE-2024-43861
20 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. ... Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in... • https://git.kernel.org/stable/c/c6adf77953bcec0ad63d7782479452464e50f7a3 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43860 – remoteproc: imx_rproc: Skip over memory region when node value is NULL
https://notcve.org/view.php?id=CVE-2024-43860
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Skip over memory region when node value is NULL In imx_rproc_addr_init() "nph = of_count_phandle_with_args()" just counts number of phandles. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting.org) with SVACE. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. [Fixed title to fit within the prescribed 70-... • https://git.kernel.org/stable/c/a0ff4aa6f010801b2a61c203c6e09d01b110fddf •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43859 – f2fs: fix to truncate preallocated blocks in f2fs_file_open()
https://notcve.org/view.php?id=CVE-2024-43859
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fs_file_open() chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscrypt_set_bio_crypt_ctx+0x78/0x1e8 f2fs_grab_read_bio+0x78/0x208 f2fs_submit_page_read+0x44/0x154 f2fs_get_read_data_page+0x288/0x5f4 f2fs_get_lock_data_page+0x60/0x190 truncate_partial_data_page+0x108/0x4fc f2fs_do_truncate_blocks+0x344/0x5f0 f2fs_... • https://git.kernel.org/stable/c/d4dd19ec1ea0cf6532d65709325c42b1398614a8 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43858 – jfs: Fix array-index-out-of-bounds in diFree
https://notcve.org/view.php?id=CVE-2024-43858
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. ... Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properl... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43857 – f2fs: fix null reference error when checking end of zone
https://notcve.org/view.php?id=CVE-2024-43857
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null reference error when checking end of zone This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() th... • https://git.kernel.org/stable/c/e067dc3c6b9c419bac43c6a0be2d85f44681f863 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43856 – dma: fix call order in dmam_free_coherent
https://notcve.org/view.php?id=CVE-2024-43856
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to track the DMA allocation. ... Fix by destroying the devres entry before freeing the DMA allocation. kokonut //net/encryption http://sponge2/b9145fe6-0f72-4325-ac2f-a84d81075b03 In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/9ac7849e35f705830f7b016ff272b0ff1f7ff759 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43855 – md: fix deadlock between mddev_suspend and flush bio
https://notcve.org/view.php?id=CVE-2024-43855
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in progress. In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is in progress. ... • https://git.kernel.org/stable/c/f9f2d957a8ea93c73182aebf7de30935a58c027d •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43854 – block: initialize integrity buffer to zero before writing it to media
https://notcve.org/view.php?id=CVE-2024-43854
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being written media. In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media Metadata added by bio_integrity_prep is using plain kmalloc, which leads to random kernel memory being w... • https://git.kernel.org/stable/c/7ba1ba12eeef0aa7113beb16410ef8b7c748e18b • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43853 – cgroup/cpuset: Prevent UAF in proc_cpuset_show()
https://notcve.org/view.php?id=CVE-2024-43853
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. ... extid=9b1ff7be974a403aa4cd In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show() An UAF can happen when /proc/cpuset is read as reported in [1]. ... extid=9b1ff7be974a403aa4cd It was discovered that the CIFS network file system implementation in the ... • https://git.kernel.org/stable/c/a79a908fd2b080977b45bf103184b81c9d11ad07 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43852 – hwmon: (ltc2991) re-order conditions to fix off by one bug
https://notcve.org/view.php?id=CVE-2024-43852
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4. In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4. ... In the Linux kernel, the following vulnerability has been resolved: hwmon: (ltc2991) re-order conditions to fix off by one bug LTC2991_T_INT_CH_NR is 4. ... Chenyuan Yang discovered... • https://git.kernel.org/stable/c/2b9ea4262ae9114b0b86ac893b4d6175d8520001 •