CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40989 – KVM: arm64: Disassociate vcpus from redistributor region on teardown
https://notcve.org/view.php?id=CVE-2024-40989
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu. A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption. • https://git.kernel.org/stable/c/e5a35635464bc5304674b84ea42615a3fd0bd949 https://git.kernel.org/stable/c/68df4fc449fcc24347209e500ce26d5816705a77 https://git.kernel.org/stable/c/48bb62859d47c5c4197a8c01128d0fa4f46ee58c https://git.kernel.org/stable/c/152b4123f21e6aff31cea01158176ad96a999c76 https://git.kernel.org/stable/c/0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8 https://access.redhat.com/security/cve/CVE-2024-40989 https://bugzilla.redhat.com/show_bug.cgi?id=2297573 • CWE-825: Expired Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40988 – drm/radeon: fix UBSAN warning in kv_dpm.c
https://notcve.org/view.php?id=CVE-2024-40988
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. • https://git.kernel.org/stable/c/07e8f15fa16695cf4c90e89854e59af4a760055b https://git.kernel.org/stable/c/a8c6df9fe5bc390645d1e96eff14ffe414951aad https://git.kernel.org/stable/c/febe794b83693257f21a23d2e03ea695a62449c8 https://git.kernel.org/stable/c/cf1cc8fcfe517e108794fb711f7faabfca0dc855 https://git.kernel.org/stable/c/f803532bc3825384100dfc58873e035d77248447 https://git.kernel.org/stable/c/9e57611182a817824a17b1c3dd300ee74a174b42 https://git.kernel.org/stable/c/468a50fd46a09bba7ba18a11054ae64b6479ecdc https://git.kernel.org/stable/c/a498df5421fd737d11bfd152428ba6b1c • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40987 – drm/amdgpu: fix UBSAN warning in kv_dpm.c
https://notcve.org/view.php?id=CVE-2024-40987
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. • https://git.kernel.org/stable/c/4ad7d49059358ceadd352b4e2511425bdb68f400 https://git.kernel.org/stable/c/1c44f7759a5650acf8f13d3e0a184d09e03be9e4 https://git.kernel.org/stable/c/d8a04a6bfa75251ba7bcc3651ed211e82f13f388 https://git.kernel.org/stable/c/4d020c1dbd2b2304f44d003e6de956ae570049dc https://git.kernel.org/stable/c/fc5cb952e6723c5c55e47b8cf94a891bd4af1a86 https://git.kernel.org/stable/c/b065d79ed06a0bb4377bc6dcc2ff0cb1f55a798f https://git.kernel.org/stable/c/b0d612619ed70cab476c77b19e00d13aa414e14f https://git.kernel.org/stable/c/f0d576f840153392d04b2d52cf3adab8f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40986 – dmaengine: xilinx: xdma: Fix data synchronisation in xdma_channel_isr()
https://notcve.org/view.php?id=CVE-2024-40986
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix data synchronisation in xdma_channel_isr() Requests the vchan lock before using xdma->stop_request. • https://git.kernel.org/stable/c/6a40fb8245965b481b4dcce011cd63f20bf91ee0 https://git.kernel.org/stable/c/582ce5d734190d74e5ce9cd711cf6e964e1e7b29 https://git.kernel.org/stable/c/8e1f54e4a3f3207c9dc68bb5000603b75802e7f0 https://git.kernel.org/stable/c/462237d2d93fc9e9221d1cf9f773954d27da83c0 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40985 – net/tcp_ao: Don't leak ao_info on error-path
https://notcve.org/view.php?id=CVE-2024-40985
In the Linux kernel, the following vulnerability has been resolved: net/tcp_ao: Don't leak ao_info on error-path It seems I introduced it together with TCP_AO_CMDF_AO_REQUIRED, on version 5 [1] of TCP-AO patches. Quite frustrative that having all these selftests that I've written, running kmemtest & kcov was always in todo. [1]: https://lore.kernel.org/netdev/20230215183335.800122-5-dima@arista.com/ • https://git.kernel.org/stable/c/0aadc73995d08f6b0dc061c14a564ffa46f5914e https://git.kernel.org/stable/c/ebaa7d3c26332330a48f9a15f8e518d526cc0f21 https://git.kernel.org/stable/c/f9ae848904289ddb16c7c9e4553ed4c64300de49 •