CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42277 – iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en
https://notcve.org/view.php?id=CVE-2024-42277
In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en In sprd_iommu_cleanup() before calling function sprd_iommu_hw_en() dom->sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/92c089a931fd3939cd32318cf4f54e69e8f51a19 https://git.kernel.org/stable/c/8745f3592ee4a7b49ede16ddd3f12a41ecaa23c9 https://git.kernel.org/stable/c/9afea57384d4ae7b2034593eac7fa76c7122762a https://git.kernel.org/stable/c/d0a917fd5e3b3ed9d9306b4260ba684b982da9f3 https://git.kernel.org/stable/c/8c79ceb4ecf823e6ec10fee6febb0fca3de79922 https://git.kernel.org/stable/c/dfe90030a0cfa26dca4cb6510de28920e5ad22fb https://git.kernel.org/stable/c/b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb https://git.kernel.org/stable/c/d5fe884ce28c5005f8582c35333c195a1 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42276 – nvme-pci: add missing condition check for existence of mapped data
https://notcve.org/view.php?id=CVE-2024-42276
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference. • https://git.kernel.org/stable/c/4aedb705437f6f98b45f45c394e6803ca67abd33 https://git.kernel.org/stable/c/3f8ec1d6b0ebd8268307d52be8301973fa5a01ec https://git.kernel.org/stable/c/be23ae63080e0bf9e246ab20207200bca6585eba https://git.kernel.org/stable/c/7cc1f4cd90a00b6191cb8cda2d1302fdce59361c https://git.kernel.org/stable/c/d135c3352f7c947a922da93c8e763ee6bc208b64 https://git.kernel.org/stable/c/77848b379e9f85a08048a2c8b3b4a7e8396f5f83 https://git.kernel.org/stable/c/70100fe721840bf6d8e5abd25b8bffe4d2e049b7 https://git.kernel.org/stable/c/c31fad1470389666ac7169fe43aa65bf5 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52889 – apparmor: Fix null pointer deref when receiving skb during sock creation
https://notcve.org/view.php?id=CVE-2023-52889
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. • https://git.kernel.org/stable/c/ab9f2115081ab7ba63b77a759e0f3eb5d6463d7f https://git.kernel.org/stable/c/0abe35bc48d4ec80424b1f4b3560c0e082cbd5c1 https://git.kernel.org/stable/c/347dcb84a4874b5fb375092c08d8cc4069b94f81 https://git.kernel.org/stable/c/290a6b88e8c19b6636ed1acc733d1458206f7697 https://git.kernel.org/stable/c/ead2ad1d9f045f26fdce3ef1644913b3a6cd38f2 https://git.kernel.org/stable/c/6c920754f62cefc63fccdc38a062c7c3452e2961 https://git.kernel.org/stable/c/46c17ead5b7389e22e7dc9903fd0ba865d05bda2 https://git.kernel.org/stable/c/fce09ea314505a52f2436397608fa0a5d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42275 – drm/client: Fix error code in drm_client_buffer_vmap_local()
https://notcve.org/view.php?id=CVE-2024-42275
In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drm_client_buffer_vmap_local() This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized *map_copy in the caller. • https://git.kernel.org/stable/c/b4b0193e83cb987143583e2b4011b35331f429bd https://git.kernel.org/stable/c/c0f412961653237f52e2f16ee8747fb330bcf074 https://git.kernel.org/stable/c/b5fbf924f125ba3638cfdc21c0515eb7e76264ca •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42274 – Revert "ALSA: firewire-lib: operate for period elapse event in process context"
https://notcve.org/view.php?id=CVE-2024-42274
In the Linux kernel, the following vulnerability has been resolved: Revert "ALSA: firewire-lib: operate for period elapse event in process context" Commit 7ba5ca32fe6e ("ALSA: firewire-lib: operate for period elapse event in process context") removed the process context workqueue from amdtp_domain_stream_pcm_pointer() and update_pcm_pointers() to remove its overhead. With RME Fireface 800, this lead to a regression since Kernels 5.14.0, causing an AB/BA deadlock competition for the substream lock with eventual system freeze under ALSA operation: thread 0: * (lock A) acquire substream lock by snd_pcm_stream_lock_irq() in snd_pcm_status64() * (lock B) wait for tasklet to finish by calling tasklet_unlock_spin_wait() in tasklet_disable_in_atomic() in ohci_flush_iso_completions() of ohci.c thread 1: * (lock B) enter tasklet * (lock A) attempt to acquire substream lock, waiting for it to be released: snd_pcm_stream_lock_irqsave() in snd_pcm_period_elapsed() in update_pcm_pointers() in process_ctx_payloads() in process_rx_packets() of amdtp-stream.c ? • https://git.kernel.org/stable/c/7ba5ca32fe6e8d2e153fb5602997336517b34743 https://git.kernel.org/stable/c/7c07220cf634002f93a87ca2252a32766850f2d1 https://git.kernel.org/stable/c/b239a37d68e8bc59f9516444da222841e3b13ba9 https://git.kernel.org/stable/c/f5043e69aeb2786f32e84132817a007a6430aa7d https://git.kernel.org/stable/c/36c255db5a25edd42d1aca48e38b8e95ee5fd9ef https://git.kernel.org/stable/c/3dab73ab925a51ab05543b491bf17463a48ca323 •