CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-41002 – crypto: hisilicon/sec - Fix memory leak for sec resource release
https://notcve.org/view.php?id=CVE-2024-41002
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage occurs. The aiv resource release is added to the sec resource release function. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the ... • https://git.kernel.org/stable/c/a886bcb0f67d1e3d6b2da25b3519de59098200c2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41001 – io_uring/sqpoll: work around a potential audit memory leak
https://notcve.org/view.php?id=CVE-2024-41001
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: work around a potential audit memory leak kmemleak complains that there's a memory leak related to connect handling: unreferenced object 0xffff0001093bdf00 (size 128): comm "iou-sqp-455", pid 457, jiffies 4294894164 hex dump (first 32 bytes): 02 00 fa ea 7f 00 00 01 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 2e481b1a): [<00000000c0a26af4>] kmemlea... • https://git.kernel.org/stable/c/55c22375cbaa24f77dd13f9ae0642915444a1227 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-41000 – block/ioctl: prefer different overflow check
https://notcve.org/view.php?id=CVE-2024-41000
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692] cgroup: Invalid name [ 62.986211] UBSAN: signed-integer-overflow in ../block/ioctl.c:36:46 [ 62.989370] 9pnet_fd: p9_fd_create_tcp (7343): problem connecting socket to 127.0.0.1 [ 62.992992] 9223372036854775807 + 4095 cannot be represent... • https://git.kernel.org/stable/c/58706e482bf45c4db48b0c53aba2468c97adda24 •
CVSS: 3.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40999 – net: ena: Add validation for completion descriptors consistency
https://notcve.org/view.php?id=CVE-2024-40999
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption has been added. In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the ... • https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40998 – ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()
https://notcve.org/view.php?id=CVE-2024-40998
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() In the following concurrency we will access the uninitialized rs->lock: ext4_fill_super ext4_register_sysfs // sysfs registered msg_ratelimit_interval_ms // Other processes modify rs->interval to // non-zero via msg_ratelimit_interval_ms ext4_orphan_cleanup ext4_msg(sb, KERN_INFO, "Errors on filesystem, " __ext4_msg ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state)... • https://git.kernel.org/stable/c/23afcd52af06880c6c913a0ad99022b8937b575c •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40997 – cpufreq: amd-pstate: fix memory leak on CPU EPP exit
https://notcve.org/view.php?id=CVE-2024-40997
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so fix that. [ rjw: Subject and changelog edits ] In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc() in amd_pstate_epp_cpu_init() is not freed in the analogous exit function, so f... • https://git.kernel.org/stable/c/448efb7ea0bfa2c4e27c5a2eb5684fd225cd12cd • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40996 – bpf: Avoid splat in pskb_pull_reason
https://notcve.org/view.php?id=CVE-2024-40996
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskb_pull_reason syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debug hint in pskb_may_pull. We'd like to retain this debug check because it might hint at integer overflows and other issues (kernel code should pull headers, not huge value). In bpf case, this splat isn't interesting at all: such (nonsensical) bpf programs are typically generated by a fuzzer anyway. Do what Eric suggested and suppress such warn... • https://git.kernel.org/stable/c/8af60bb2b215f478b886f1d6d302fefa7f0b917d •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-40995 – net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
https://notcve.org/view.php?id=CVE-2024-40995
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() syzbot found hanging tasks waiting on rtnl_lock [1] A reproducer is available in the syzbot bug. When a request to add multiple actions with the same index is sent, the second request will block forever on the first request. This holds rtnl_lock, and causes tasks to hang. Return -EAGAIN to prevent infinite looping, while keeping documented behavior. [1] INFO: task kwork... • https://git.kernel.org/stable/c/0190c1d452a91c38a3462abdd81752be1b9006a8 • CWE-833: Deadlock •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40994 – ptp: fix integer overflow in max_vclocks_store
https://notcve.org/view.php?id=CVE-2024-40994
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc() to do the allocation to prevent this. • https://git.kernel.org/stable/c/44c494c8e30e35713c7d11ca3c5ab332cbfabacf •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40993 – netfilter: ipset: Fix suspicious rcu_dereference_protected()
https://notcve.org/view.php?id=CVE-2024-40993
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase or are executing a "destroy all sets command" from userspace. The latter was taken into account in ip_set_dereference() (nfnetlink mutex is held), but the former was not. The patch adds the required check to rcu_dereference_protected() in ip_set_dereference(). In the Linux kernel, the following vulnerability has been res... • https://git.kernel.org/stable/c/390b353d1a1da3e9c6c0fd14fe650d69063c95d6 •