CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42302 – PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal
https://notcve.org/view.php?id=CVE-2024-42302
In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler() awaits readiness of the secondary bus below the Downstream Port where the DPC event occurred. • https://git.kernel.org/stable/c/d0292124bb5787a2f1ab1316509e801ca89c10fb https://git.kernel.org/stable/c/ffe2318405e605f1b3985ce188eff69e6d1d1baa https://git.kernel.org/stable/c/189f856e76f5463f59efb5fc18dcc1692d04c41a https://git.kernel.org/stable/c/53b54ad074de1896f8b021615f65b27f557ce874 https://git.kernel.org/stable/c/0081032082b5b45ca902b3c3d6986cb5cca69ff2 https://git.kernel.org/stable/c/c52f9e1a9eb40f13993142c331a6cfd334d4b91d https://git.kernel.org/stable/c/2c111413f38ca5cf87557cab89f6d82b0e3433e7 https://git.kernel.org/stable/c/f63df70b439bb8331358a306541893bf4 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42301 – dev/parport: fix the array out-of-bounds risk
https://notcve.org/view.php?id=CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I encountered during the actual issue: [ 66.575408s] [pid:5118,cpu4,QThread,4]Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: do_hardware_base_addr+0xcc/0xd0 [parport] [ 66.575408s] [pid:5118,cpu4,QThread,5]CPU: 4 PID: 5118 Comm: QThread Tainted: G S W O 5.10.97-arm64-desktop #7100.57021.2 [ 66.575439s] [pid:5118,cpu4,QThread,6]TGID: 5087 Comm: EFileApp [ 66.575439s] [pid:5118,cpu4,QThread,7]Hardware name: HUAWEI HUAWEI QingYun PGUX-W515x-B081/SP1PANGUXM, BIOS 1.00.07 04/29/2024 [ 66.575439s] [pid:5118,cpu4,QThread,8]Call trace: [ 66.575469s] [pid:5118,cpu4,QThread,9] dump_backtrace+0x0/0x1c0 [ 66.575469s] [pid:5118,cpu4,QThread,0] show_stack+0x14/0x20 [ 66.575469s] [pid:5118,cpu4,QThread,1] dump_stack+0xd4/0x10c [ 66.575500s] [pid:5118,cpu4,QThread,2] panic+0x1d8/0x3bc [ 66.575500s] [pid:5118,cpu4,QThread,3] __stack_chk_fail+0x2c/0x38 [ 66.575500s] [pid:5118,cpu4,QThread,4] do_hardware_base_addr+0xcc/0xd0 [parport] • https://git.kernel.org/stable/c/166a0bddcc27de41fe13f861c8348e8e53e988c8 https://git.kernel.org/stable/c/47b3dce100778001cd76f7e9188944b5cb27a76d https://git.kernel.org/stable/c/a44f88f7576bc1916d8d6293f5c62fbe7cbe03e0 https://git.kernel.org/stable/c/c719b393374d3763e64900ee19aaed767d5a08d6 https://git.kernel.org/stable/c/7f4da759092a1a6ce35fb085182d02de8cc4cc84 https://git.kernel.org/stable/c/b579ea3516c371ecf59d073772bc45dfd28c8a0e https://git.kernel.org/stable/c/7789a1d6792af410aa9b39a1eb237ed24fa2170a https://git.kernel.org/stable/c/ab11dac93d2d568d151b1918d7b84c2d0 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42300 – erofs: fix race in z_erofs_get_gbuf()
https://notcve.org/view.php?id=CVE-2024-42300
In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in z_erofs_get_gbuf() In z_erofs_get_gbuf(), the current task may be migrated to another CPU between `z_erofs_gbuf_id()` and `spin_lock(&gbuf->lock)`. Therefore, z_erofs_put_gbuf() will trigger the following issue which was found by stress test: <2>[772156.434168] kernel BUG at fs/erofs/zutil.c:58! • https://git.kernel.org/stable/c/f36f3010f67611a45d66e773bc91e4c66a9abab5 https://git.kernel.org/stable/c/49b22e06a947727a6d1c802d2d9ad92420b90fc5 https://git.kernel.org/stable/c/7dc5537c3f8be87e005f0844a7626c987914f8fd •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42299 – fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed
https://notcve.org/view.php?id=CVE-2024-42299
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed If an NTFS file system is mounted to another system with different PAGE_SIZE from the original system, log->page_size will change in log_replay(), but log->page_{mask,bits} don't change correspondingly. This will cause a panic because "u32 bytes = log->page_size - page_off" will get a negative value in the later read_log_page(). • https://git.kernel.org/stable/c/b46acd6a6a627d876898e1c84d3f84902264b445 https://git.kernel.org/stable/c/0484adcb5fbcadd9ba0fd4485c42630f72e97da9 https://git.kernel.org/stable/c/b90ceffdc975502bc085ce8e79c6adeff05f9521 https://git.kernel.org/stable/c/2cac0df3324b5e287d8020bc0708f7d2dec88a6f https://git.kernel.org/stable/c/0a4ae2644e2a3b3b219aad9639fb2b0691d08420 https://git.kernel.org/stable/c/2fef55d8f78383c8e6d6d4c014b9597375132696 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42298 – ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value
https://notcve.org/view.php?id=CVE-2024-42298
In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. • https://git.kernel.org/stable/c/075c7125b11c72e7933401d73000d6d151196072 https://git.kernel.org/stable/c/b4205dfcfe96182118e54343954827eda51b2135 https://git.kernel.org/stable/c/af466037fa2b263e8ea5c47285513d2487e17d90 https://git.kernel.org/stable/c/e62599902327d27687693f6e5253a5d56583db58 •