CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35932 – drm/vc4: don't check if plane->state->fb == state->fb
https://notcve.org/view.php?id=CVE-2024-35932
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underflow; use-after-free. [ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0 [ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_ha... • https://git.kernel.org/stable/c/48bfb4b03c5ff6e1fa1dc73fb915e150b0968c40 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35931 – drm/amdgpu: Skip do PCI error slot reset during RAS recovery
https://notcve.org/view.php?id=CVE-2024-35931
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to UMC multi times, this caused system hang. [ 557.371857] amdgpu 0000:af:00.0: amdgpu: GPU reset succeeded, trying to resume [ 557.373718] [drm] PCIE GART of 512M enabled. [ 557.373722] [drm] PTB located at 0x0000031FED700000 [ 557.373788] [drm] VRAM is lost due to GPU reset! [ 557.37... • https://git.kernel.org/stable/c/395ca1031acf89d8ecb26127c544a71688d96f35 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35930 – scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
https://notcve.org/view.php?id=CVE-2024-35930
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: lpfc... • https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35929 – rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock()
https://notcve.org/view.php?id=CVE-2024-35929
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix WARN_ON_ONCE() in the rcu_nocb_bypass_lock() For the kernels built with CONFIG_RCU_NOCB_CPU_DEFAULT_ALL=y and CONFIG_RCU_LAZY=y, the following scenarios will trigger WARN_ON_ONCE() in the rcu_nocb_bypass_lock() and rcu_nocb_wait_contended() functions: CPU2 CPU11 kthread rcu_nocb_cb_kthread ksys_write rcu_do_batch ... • https://git.kernel.org/stable/c/4d58c9fb45c70e62c19e8be3f3605889c47601bc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35927 – drm: Check output polling initialized before disabling
https://notcve.org/view.php?id=CVE-2024-35927
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in drm_mode_config_helper_suspend() and drm_mode_config_helper_resume() calls, that re the callers of these functions, avoid invoking them if polling is not initialized. For drivers like hyperv-drm, that do not initialize connector polli... • https://git.kernel.org/stable/c/786c27982a39d79cc753f84229eb5977ac8ef1c1 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35925 – block: prevent division by zero in blk_rq_stat_sum()
https://notcve.org/view.php?id=CVE-2024-35925
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum() The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. Found by Linux Verification Center (linuxtesting.org) with Svace. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloquear: evitar la división por cero en blk_rq_stat_sum() La expresión dst->nr_samples + src->nr_samples pue... • https://git.kernel.org/stable/c/6a55dab4ac956deb23690eedd74e70b892a378e7 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35924 – usb: typec: ucsi: Limit read size on v1.2
https://notcve.org/view.php?id=CVE-2024-35924
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2 Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: usb: typec: ucsi: Limitar el tamaño de lectura en v1.2 Entre UCSI 1.2 y UCSI 2.0, el tamaño de la regi... • https://git.kernel.org/stable/c/266f403ec47573046dee4bcebda82777ce702c40 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35922 – fbmon: prevent division by zero in fb_videomode_from_videomode()
https://notcve.org/view.php?id=CVE-2024-35922
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode(). Found by Linux Verification Center (linuxtesting.org) with Svace. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: fbmon: evita la división por cero en fb_videomode_from_videomode() La expresión htotal * vtotal puede t... • https://git.kernel.org/stable/c/1fb52bc1de55e9e0bdf71fe078efd4da0889710f •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52699 – sysv: don't call sb_bread() with pointers_lock held
https://notcve.org/view.php?id=CVE-2023-52699
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sb_bread() with pointers_lock held syzbot is reporting sleep in atomic context in SysV filesystem [1], for sb_bread() is called with rw_spinlock held. A "write_lock(&pointers_lock) => read_lock(&pointers_lock) deadlock" bug and a "sb_bread() with write_lock(&pointers_lock)" bug were introduced by "Replace BKL for chain locking with sysvfs-private rwlock" in Linux 2.5.12. Then, "[PATCH] err1-40: sysvfs locking fix" in Li... • https://git.kernel.org/stable/c/13b33feb2ebddc2b1aa607f553566b18a4af1d76 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35915 – nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
https://notcve.org/view.php?id=CVE-2024-35915
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet syzbot reported the following uninit-value access issue [1][2]: nci_rx_work() parses and processes received packet. When the payload length is zero, each message type handler reads uninitialized payload and KMSAN detects this issue. The receipt of a packet with a zero-size payload is considered unexpected, and therefore, such packets should be silently discarded. This patch res... • https://git.kernel.org/stable/c/6a2968aaf50c7a22fced77a5e24aa636281efca8 •