CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56538 – drm: zynqmp_kms: Unplug DRM device before removal
https://notcve.org/view.php?id=CVE-2024-56538
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an error without further calls into this driver's internals. • https://git.kernel.org/stable/c/d76271d22694e874ed70791702db9252ffe96a4c https://git.kernel.org/stable/c/a17b9afe58c474657449cf87e238b1788200576b https://git.kernel.org/stable/c/4fb97432e28a7e136b2d76135d50e988ada8e1af https://git.kernel.org/stable/c/692f52aedccbf79b212a1e14e3735192b4c24a7d https://git.kernel.org/stable/c/2e07c88914fc5289c21820b1aa94f058feb38197 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56533 – ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
https://notcve.org/view.php?id=CVE-2024-56533
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. • https://git.kernel.org/stable/c/230cd5e24853ed4dd960461989b8ed0986d37a99 https://git.kernel.org/stable/c/24fe9f7ca83ec9acf765339054951f5cd9ae5c5d https://git.kernel.org/stable/c/befcca1777525e37c659b4129d8ac7463b07ef67 https://git.kernel.org/stable/c/7bd8838c0ea886679a32834fdcacab296d072fbe https://git.kernel.org/stable/c/e07605d855c4104d981653146a330ea48f6266ed https://git.kernel.org/stable/c/ffbfc6c4330fc233698529656798bee44fea96f5 https://git.kernel.org/stable/c/e869642a77a9b3b98b0ab2c8fec7af4385140909 https://git.kernel.org/stable/c/dafb28f02be407e07a6f679e922a62659 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56532 – ALSA: us122l: Use snd_card_free_when_closed() at disconnection
https://notcve.org/view.php?id=CVE-2024-56532
In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. The loop of us122l->mmap_count check is dropped as well. The check is useless for the asynchronous operation with *_when_closed(). • https://git.kernel.org/stable/c/030a07e441296c372f946cd4065b5d831d8dc40c https://git.kernel.org/stable/c/020cbc4d7414f0962004213e2b7bc5cc607e9ec7 https://git.kernel.org/stable/c/75f418b249d84021865eaa59515d3ed9b75ce4d6 https://git.kernel.org/stable/c/bf0aa35a7cb8602cccf2387712114e836f65c154 https://git.kernel.org/stable/c/9a48bd2184b142c92a4e17eac074c61fcf975bc9 https://git.kernel.org/stable/c/bc778ad3e495333eebda36fe91d5b2c93109cc16 https://git.kernel.org/stable/c/2938dd2648522336133c151dd67bb9bf01cbd390 https://git.kernel.org/stable/c/9b27924dc8d7f8a8c35e521287d4ccb9a •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56531 – ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
https://notcve.org/view.php?id=CVE-2024-56531
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). This variant returns immediately while the release of resources is done asynchronously by the card device release at the last close. This patch also splits the code to the disconnect and the free phases; the former is called immediately at the USB disconnect callback while the latter is called from the card destructor. • https://git.kernel.org/stable/c/523f1dce37434a9a6623bf46e7893e2b4b10ac3c https://git.kernel.org/stable/c/3993edf44d3df7b6e8c753eac6ac8783473fcbab https://git.kernel.org/stable/c/ebad462eec93b0f701dfe4de98990e7355283801 https://git.kernel.org/stable/c/4dd821dcbfcecf7af6a08370b0b217cde2818acf https://git.kernel.org/stable/c/cadf1d8e9ddcd74584ec961aeac14ac549b261d8 https://git.kernel.org/stable/c/237f3faf0177bdde728fa3106d730d806436aa4d https://git.kernel.org/stable/c/4507a8b9b30344c5ddd8219945f446d47e966a6d https://git.kernel.org/stable/c/dd0de8cb708951cebf727aa045e8242ba •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53239 – ALSA: 6fire: Release resources at card release
https://notcve.org/view.php?id=CVE-2024-53239
In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback. • https://git.kernel.org/stable/c/c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 https://git.kernel.org/stable/c/74357d0b5cd3ef544752bc9f21cbeee4902fae6c https://git.kernel.org/stable/c/273eec23467dfbfbd0e4c10302579ba441fb1e13 https://git.kernel.org/stable/c/f2d06d4e129e2508e356136f99bb20a332ff1a00 https://git.kernel.org/stable/c/b889a7d68d7e76b8795b754a75c91a2d561d5e8c https://git.kernel.org/stable/c/ea8cc56db659cf0ae57073e32a4735ead7bd7ee3 https://git.kernel.org/stable/c/b754e831a94f82f2593af806741392903f359168 https://git.kernel.org/stable/c/0df7f4b5cc10f5adf98be0845372e9eef •