CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2024-41005 – netpoll: Fix race condition in netpoll_owner_active
https://notcve.org/view.php?id=CVE-2024-41005
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active KCSAN detected a race condition in netpoll: BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10: net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)
CVSS: 0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-41004 – tracing: Build event generation tests only as modules
https://notcve.org/view.php?id=CVE-2024-41004
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and delete it in module exit function. This is because those are designed for playing as modules. If we make those modules as built-in, those events are left locked in the kernel, and never be removed. This causes kprobe event self-test ... • https://git.kernel.org/stable/c/9fe41efaca08416657efa8731c0d47ccb6a3f3eb •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41003 – bpf: Fix reg_set_min_max corruption of fake_reg
https://notcve.org/view.php?id=CVE-2024-41003
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reg_set_min_max corruption of fake_reg Juan reported that after doing some changes to buzzer [0] and implementing a new fuzzing strategy guided by coverage, they noticed the following in one of the probes: [...] 13: (79) r6 = *(u64 *)(r0 +0) ; R0=map_value(ks=4,vs=8) R6_w=scalar() 14: (b7) r0 = 0 ; R0_w=0 15: (b4) w0 = -1 ; R0_w=0xffffffff 16: (74) w0 >>= 1 ; R0_w=0x7fffffff 17: (5c) w6 &= w0 ; R0_w=0x7fffffff R6_w=scalar(smin=smin... • https://git.kernel.org/stable/c/67420501e8681ae18f9f0ea0a69cd2f432100e70 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-41002 – crypto: hisilicon/sec - Fix memory leak for sec resource release
https://notcve.org/view.php?id=CVE-2024-41002
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage occurs. The aiv resource release is added to the sec resource release function. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the ... • https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41001 – io_uring/sqpoll: work around a potential audit memory leak
https://notcve.org/view.php?id=CVE-2024-41001
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: work around a potential audit memory leak kmemleak complains that there's a memory leak related to connect handling: unreferenced object 0xffff0001093bdf00 (size 128): comm "iou-sqp-455", pid 457, jiffies 4294894164 hex dump (first 32 bytes): 02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 2e481b1a): [<00000000c0a26af4>] kmemlea... • https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-41000 – block/ioctl: prefer different overflow check
https://notcve.org/view.php?id=CVE-2024-41000
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692] cgroup: Invalid name [ 62.986211] UBSAN: signed-integer-overflow in ../block/ioctl.c:36:46 [ 62.989370] 9pnet_fd: p9_fd_create_tcp (7343): problem connecting socket to 127.0.0.1 [ 62.992992] 9223372036854775807 + 4095 cannot be represent... • https://git.kernel.org/stable/c/58706e482bf45c4db48b0c53aba2468c97adda24 •
CVSS: 3.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40999 – net: ena: Add validation for completion descriptors consistency
https://notcve.org/view.php?id=CVE-2024-40999
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption has been added. In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the ... • https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40998 – ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
https://notcve.org/view.php?id=CVE-2024-40998
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency we will access the uninitialized rs->lock: ext4_fill_super ext4_register_sysfs // sysfs registered msg_ratelimit_interval_ms // Other processes modify rs->interval to // non-zero via msg_ratelimit_interval_ms ext4_orphan_cleanup ext4_msg(sb, KERN_INFO, "Errors on filesystem, " __ext4_msg ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state)... • https://git.kernel.org/stable/c/23afcd52af06880c6c913a0ad99022b8937b575c •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40997 – cpufreq: amd-pstate: fix memory leak on CPU EPP exit
https://notcve.org/view.php?id=CVE-2024-40997
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so fix that. [ rjw: Subject and changelog edits ] In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so f... • https://git.kernel.org/stable/c/448efb7ea0bfa2c4e27c5a2eb5684fd225cd12cd • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40996 – bpf: Avoid splat in pskb_pull_reason
https://notcve.org/view.php?id=CVE-2024-40996
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskb_pull_reason syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug hint in pskb_may_pull. We'd like to retain this debug check because it might hint at integer overflows and other issues (kernel code should pull headers, not huge value). In bpf case, this splat isn't interesting at all: such (nonsensical) bpf programs are typically generated by a fuzzer anyway. Do what Eric suggested and suppress such warn... • https://git.kernel.org/stable/c/8af60bb2b215f478b886f1d6d302fefa7f0b917d •