
CVE-2024-57976 – btrfs: do proper folio cleanup when cow_file_range() failed
https://notcve.org/view.php?id=CVE-2024-57976
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when cow_file_range() failed [BUG] When testing with COW fixup marked as BUG_ON() (this is involved with the new pin_user_pages*() change, which should not result in new out-of-band dirty pages), I hit a crash triggered by the BUG_ON() from hitting COW fixup path. ... keep_locked cases) ---truncated--- • https://git.kernel.org/stable/c/10b3772292bf1be45604ba83fd9650eb94382e78

CVE-2024-57975 – btrfs: do proper folio cleanup when run_delalloc_nocow() failed
https://notcve.org/view.php?id=CVE-2024-57975
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when run_delalloc_nocow() failed [BUG] With CONFIG_DEBUG_VM set, test case generic/476 has some chance to crash with the following VM_BUG_ON_FOLIO(): BTRFS error (device dm-3): cow_file_range failed, start 1146880 end 1253375 len 106496 ret -28 BTRFS error (device dm-3): run_delalloc_nocow failed, start 1146880 end 1253375 len 106496 ret -28 page: refcount:4 mapcount:0 mapping:00000000592787cc index:0x1... • https://git.kernel.org/stable/c/5ae72abbf91eb172ce3a838a4dc34be3c9707296

CVE-2024-57974 – udp: Deal with race between UDP socket address change and rehash
https://notcve.org/view.php?id=CVE-2024-57974
27 Feb 2025 — In another variant of this reproducer, starting the client with: strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru ---truncated--- In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect(), there is a period during which a lookup operation might fail to find it, after the address is chan... • https://git.kernel.org/stable/c/30fff9231fad757c061285e347b33c5149c2c2e4

CVE-2024-57973 – rdma/cxgb4: Prevent potential integer overflow on 32bit
https://notcve.org/view.php?id=CVE-2024-57973
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" variable is controlled by the user. ... • https://git.kernel.org/stable/c/1cab775c3e75f1250c965feafd061d696df36e53

CVE-2024-57953 – rtc: tps6594: Fix integer overflow on 32bit systems
https://notcve.org/view.php?id=CVE-2024-57953
27 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: rtc: tps6594: Fix integer overflow on 32bit systems The problem is this multiply in tps6594_rtc_set_offset() tmp = offset * TICKS_PER_HOUR; The "tmp" variable is an s64 but "offset" is a long in the (-277774)-277774 range. ... • https://git.kernel.org/stable/c/9f67c1e63976d3403f0b250b03ffe959c890f9db

CVE-2022-49732 – sock: redo the psock vs ULP protection check
https://notcve.org/view.php?id=CVE-2022-49732
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_update_sk_prot()") has moved the inet_csk_has_ulp(sk) check from sk_psock_init() to the new tcp_bpf_update_proto() function. ... • https://git.kernel.org/stable/c/8a59f9d1e3d4340659fdfee8879dc09a6f2546e1

CVE-2022-49731 – ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
https://notcve.org/view.php?id=CVE-2022-49731
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() In an unlikely (and probably wrong?) ... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool. A flaw was found in the libata module in the Linux kernel. ... • https://git.kernel.org/stable/c/ca4693e6e06e4fd2b240c0fec47aa2498c94848e • CWE-476: NULL Pointer Dereference

CVE-2022-49730 – scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted
https://notcve.org/view.php?id=CVE-2022-49730
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted A use-after-free crash can occur after an ELS LOGO is aborted. ... • https://git.kernel.org/stable/c/5e83869e29448958f8ae2c6911f350318f75e4fc • CWE-416: Use After Free

CVE-2022-49729 – nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
https://notcve.org/view.php?id=CVE-2022-49729
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred Similar to the handling of play_deferred in commit 19cfe912c37b ("Bluetooth: btusb: Fix memory leak in play_deferred"), we thought a patch might be needed here as well. ... • https://git.kernel.org/stable/c/1eb0afecfb9cd0f38424b82bd9aaa542310934ee

CVE-2022-49728 – ipv6: Fix signed integer overflow in __ip6_append_data
https://notcve.org/view.php?id=CVE-2022-49728
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data Resurrect ubsan overflow checks and ubsan reports this warning; fix it by changing the variable [length] type to size_t. ... • https://git.kernel.org/stable/c/f26422eabeb517629568edf8c2dd9c6cb9147584