CVE-2024-42270 – netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().
https://notcve.org/view.php?id=CVE-2024-42270
17 Aug 2024 — bpfilter_send_req (net/bpfilter/bpfilter_kern.c:52) bpfilter nf_getsockopt (net/netfilter/nf_sockopt.c:116) ip_getsockopt (net/ipv4/ip_sockglue.c:1827) __sys_getsockopt (net/socket.c:2327) __x64_sys_getsockopt (net/socket.c:2342 net/socket.c:2339 net/socket.c:2339) do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:81) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:121) RIP: 0033:0x7f62844685ee Code: 48 8b 0d 45 28 0f 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 9... • https://git.kernel.org/stable/c/fdacd57c79b79a03c7ca88f706ad9fb7b46831c1 •
CVE-2024-42269 – netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
https://notcve.org/view.php?id=CVE-2024-42269
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). ip6table_nat_table_init() accesses net->gen->ptr[ip6table_nat_net_ops.id], but the function is exposed to user space before the entry is allocated via register_pernet_subsys(). ... • https://git.kernel.org/stable/c/fdacd57c79b79a03c7ca88f706ad9fb7b46831c1 •
CVE-2024-42268 – net/mlx5: Fix missing lock on sync reset reload
https://notcve.org/view.php?id=CVE-2024-42268
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_reload_actions_performed() which results in triggering lock assert like the following: WARNING: CPU: 4 PID: 1164 at net/devlink/core.c:261 devl_assert_locked+0x3e/0x50 … CPU: 4 PID: 1164 Comm: kworker/u96:6 Tainted: G S W 6.10.... • https://git.kernel.org/stable/c/84a433a40d0ebf3bbf36b8bfa58c6f45dc782344 • CWE-617: Reachable Assertion •
CVE-2024-42267 – riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error()
https://notcve.org/view.php?id=CVE-2024-42267
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error() Handle VM_FAULT_SIGSEGV in the page fault path so that we correctly kill the process and we don't BUG() the kernel. • https://git.kernel.org/stable/c/07037db5d479f90377c998259a4f9a469c404edf •
CVE-2024-42266 – btrfs: make cow_file_range_inline() honor locked_page on error
https://notcve.org/view.php?id=CVE-2024-42266
17 Aug 2024 — Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 PID: 5090 Comm: syz-executor225 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 RIP: 0010:btrfs_folio_end_all_writers+0x55b/0x610 fs/btrfs/subpage.c:871 Code: e9 d3 fb ff ff e8 25 22 c2 fd 48 c7 c7 c0 3c 0e 8c 48 c7 c6 80 3d 0e 8c 48 c7 c2 60 3c 0e 8c b9 67 03 00 00 e8 66 47 ad 07 90 <0f> 0b e8 6e 45 b0 07 4c 89 ff be 08 00 00 00 e8 21 12 25 fe 4c 89 RSP:... • https://git.kernel.org/stable/c/0586d0a89e77d717da14df42648ace4a9fd67981 •
CVE-2024-42265 – protect the fetch of ->fd[fd] in do_dup2() from mispredictions
https://notcve.org/view.php?id=CVE-2024-42265
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions both callers have verified that fd is not greater than ->max_fds; however, misprediction might end up with tofree = fdt->fd[fd]; being speculatively executed. • https://git.kernel.org/stable/c/ed42e8ff509d2a61c6642d1825032072dab79f26 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVE-2024-42264 – drm/v3d: Prevent out of bounds access in performance query extensions
https://notcve.org/view.php?id=CVE-2024-42264
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into. (cherry picked from commit f32b5128d2c440368b5bf3a7a356823e235caabb) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 •
CVE-2024-42263 – drm/v3d: Fix potential memory leak in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42263
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. ... (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f •
CVE-2024-42262 – drm/v3d: Fix potential memory leak in the performance extension
https://notcve.org/view.php?id=CVE-2024-42262
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. ... (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 •
CVE-2024-42261 – drm/v3d: Validate passed in drm syncobj handles in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42261
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. ... (cherry picked from commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f •