CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 0CVE-2024-36883 – net: fix out-of-bounds access in ops_init
https://notcve.org/view.php?id=CVE-2024-36883
In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first to allocate an array, then to set s.len, which is later used to limit the bounds of the array access. It is possible that the array is allocated and another thread is registering a new pernet ops, increments max_gen_ptrs, which is then used to set s.len with a larger than allocated length for the variable array. Fix it by reading max_gen_ptrs only once in net_alloc_generic. If max_gen_ptrs is later incremented, it will be caught in net_assign_generic. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: corrige el acceso fuera de los límites en ops_init net_alloc_generic es llamado por net_alloc, que se llama sin ningún bloqueo. • https://git.kernel.org/stable/c/073862ba5d249c20bd5c49fc6d904ff0e1f6a672 https://git.kernel.org/stable/c/561331eae0a03d0c4cf60f3cf485aa3e8aa5ab48 https://git.kernel.org/stable/c/a2c82f7bee1ffa9eafa1fb0bd886a7eea8c9e497 https://git.kernel.org/stable/c/3cdc34d76c4f777579e28ad373979d36c030cfd3 https://git.kernel.org/stable/c/7b0e64583eab8c1d896b47e5dd0bf2e7d86ec41f https://git.kernel.org/stable/c/0c3248bc708a7797be573214065cf908ff1f54c7 https://git.kernel.org/stable/c/9518b79bfd2fbf99fa9b7e8e36bcb1825e7ba030 https://git.kernel.org/stable/c/2d60ff5874aefd006717ca5e22ac1e25e • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36880 – Bluetooth: qca: add missing firmware sanity checks
https://notcve.org/view.php?id=CVE-2024-36880
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: qca: agregar comprobaciones de integridad del firmware faltantes Agregue las comprobaciones de integridad del firmware faltantes al analizar los archivos de firmware antes de descargarlos para evitar acceder y dañar la memoria más allá del búfer vmalloced. • https://git.kernel.org/stable/c/83e81961ff7ef75f97756f316caea5aa6bcc19cc https://git.kernel.org/stable/c/ed53949cc92e28aaa3463d246942bda1fbb7f307 https://git.kernel.org/stable/c/1caceadfb50432dbf6d808796cb6c34ebb6d662c https://git.kernel.org/stable/c/427281f9498ed614f9aabc80e46ec077c487da6d https://git.kernel.org/stable/c/02f05ed44b71152d5e11d29be28aed91c0489b4e https://git.kernel.org/stable/c/2e4edfa1e2bd821a317e7d006517dcf2f3fac68d •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36032 – Bluetooth: qca: fix info leak when fetching fw build id
https://notcve.org/view.php?id=CVE-2024-36032
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply is malformed. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: qca: corrige la fuga de información al recuperar el ID de compilación del firmware. Agregue las comprobaciones de cordura que faltan y mueva el búfer de ID de compilación de 255 bytes fuera de la pila para evitar la filtración de datos de la pila a través de debugfs en en caso de que la respuesta de información de compilación esté mal formada. • https://git.kernel.org/stable/c/c0187b0bd3e94c48050687d87b2c3c9fbae98ae9 https://git.kernel.org/stable/c/62d5550ab62042dcceaf18844d0feadbb962cffe https://git.kernel.org/stable/c/57062aa13e87b1a78a4a8f6cb5fab6ba24f5f488 https://git.kernel.org/stable/c/6b63e0ef4d3ce0080395e5091fba2023f246c45a https://git.kernel.org/stable/c/a571044cc0a0c944e7c12237b6768aeedd7480e1 https://git.kernel.org/stable/c/cda0d6a198e2a7ec6f176c36173a57bdd8af7af2 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-36031 – keys: Fix overwrite of key expiration on instantiation
https://notcve.org/view.php?id=CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: claves: se corrige la sobrescritura de la caducidad de la clave al crear instancias. El tiempo de caducidad de una clave se sobrescribe incondicionalmente durante la creación de instancias, y de forma predeterminada se vuelve permanente. • https://git.kernel.org/stable/c/97be1e865e70e5a0ad0a5b5f5dca5031ca0b53ac https://git.kernel.org/stable/c/2552b32b0b349df160a509fe49f5f308cb922f2b https://git.kernel.org/stable/c/791d5409cdb974c31a1bc7a903ea729ddc7d83df https://git.kernel.org/stable/c/afc360e8a1256acb7579a6f5b6f2c30b85b39301 https://git.kernel.org/stable/c/39299bdd2546688d92ed9db4948f6219ca1b9542 https://git.kernel.org/stable/c/ad2011ea787928b2accb5134f1e423b11fe80a8a https://git.kernel.org/stable/c/ed79b93f725cd0da39a265dc23d77add1527b9be https://git.kernel.org/stable/c/e4519a016650e952ad9eb27937f8c447d • CWE-324: Use of a Key Past its Expiration Date •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52882 – clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
https://notcve.org/view.php?id=CVE-2023-52882
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to system crashes and other undefined behaviour. After a lot of testing (30+ hours) while also doing a lot of frequency switches, we can't observe any instability issues anymore when doing reparenting to stable clock like 24 MHz oscillator. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: sunxi-ng: h6: CPUX reparent durante el cambio de velocidad de CPUX de PLL. Mientras que el cambio de velocidad de reloj de CPUX de PLL cuando la CPU se está ejecutando, funciona en la gran mayoría de los casos, de vez en cuando provoca inestabilidad. • https://git.kernel.org/stable/c/524353ea480b0094c16f2b5684ce7e0a23ab3685 https://git.kernel.org/stable/c/fe11826ffa200e1a7a826e745163cb2f47875f66 https://git.kernel.org/stable/c/bfc78b4628497eb6df09a6b5bba9dd31616ee175 https://git.kernel.org/stable/c/f1fa9a9816204ac4b118b2e613d3a7c981355019 https://git.kernel.org/stable/c/70f64cb29014e4c4f1fabd3265feebd80590d069 https://git.kernel.org/stable/c/0b82eb134d2942ecc669e2ab2be3f0a58d79428a https://git.kernel.org/stable/c/9708e5081cfc4f085690294163389bcf82655f90 https://git.kernel.org/stable/c/7e91ed763dc07437777bd012af7a2bd44 •