CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26839 – IB/hfi1: Fix a memleak in init_credit_return
https://notcve.org/view.php?id=CVE-2024-26839
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that allocated before. Or those resources would be never freed and a memleak is triggered. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: IB/hfi1: corrige una fuga de mem en init_credit_return Cuando dma_alloc_coherent no puede asignar dd->cr_base[i].va, init_credit_return debería desasignar dd->cr_base y dd->cr_base[i]. ] el asignado antes. O esos recursos nunca se liberarían y se desencadenaría una fuga de memoria. • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde https://git.kernel.org/stable/c/2e4f9f20b32658ef3724aa46f7aef4908d2609e3 https://git.kernel.org/stable/c/cecfb90cf71d91e9efebd68b9e9b84661b277cc8 https://git.kernel.org/stable/c/3fa240bb6b2dbb3e7a3ee1440a4889cbb6207eb7 https://git.kernel.org/stable/c/52de5805c147137205662af89ed7e083d656ae25 https://git.kernel.org/stable/c/f0d857ce31a6bc7a82afcdbadb8f7417d482604b https://git.kernel.org/stable/c/b41d0ade0398007fb746213f09903d52a920e896 https://git.kernel.org/stable/c/8412c86e89cc78d8b513cb25cf2157a2a •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26830 – i40e: Do not allow untrusted VF to remove administratively set MAC
https://notcve.org/view.php?id=CVE-2024-26830
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and the VF is put down (VF tries to delete all MACs) then the MAC is removed from MAC filters and primary VF MAC is zeroed. Do not allow untrusted VF to remove primary MAC when it was set administratively by PF. Reproducer: 1) Create VF 2) Set VF interface up 3) Administratively set the VF's MAC 4) Put VF interface down [root@host ~]# echo 1 > /sys/class/net/enp2s0f0/device/sriov_numvfs [root@host ~]# ip link set enp2s0f0v0 up [root@host ~]# ip link set enp2s0f0 vf 0 mac fe:6c:b5:da:c7:7d [root@host ~]# ip link show enp2s0f0 23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff vf 0 link/ether fe:6c:b5:da:c7:7d brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off [root@host ~]# ip link set enp2s0f0v0 down [root@host ~]# ip link show enp2s0f0 23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff vf 0 link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i40e: No permitir que VF que no es de confianza elimine la MAC configurada administrativamente. Actualmente, cuando PF configura administrativamente la dirección MAC de VF y el VF se desactiva (VF intenta eliminar todas las MAC), entonces la MAC se eliminado de los filtros MAC y el MAC VF primario se pone a cero. No permita que VF que no es de confianza elimine la MAC principal cuando PF la configuró administrativamente. Reproductor: 1) Crear VF 2) Configurar la interfaz VF 3) Configurar administrativamente la MAC del VF 4) Colocar la interfaz VF [root@host ~]# echo 1 > /sys/class/net/enp2s0f0/device/sriov_numvfs [root@ host ~]# enlace ip establecido enp2s0f0v0 up [root@host ~]# enlace ip establecido enp2s0f0 vf 0 mac fe:6c:b5:da:c7:7d [root@host ~]# enlace ip show enp2s0f0 23: enp2s0f0: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq estado Modo UP DEFAULT grupo predeterminado qlen 1000 enlace/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff vf 0 enlace/ ether fe:6c:b5:da:c7:7d brd ff:ff:ff:ff:ff:ff, verificación de suplantación de identidad activada, estado de enlace automático, confianza desactivada [root@host ~]# enlace IP configurado enp2s0f0v0 inactivo [raíz @host ~]# ip link show enp2s0f0 23: enp2s0f0: mtu 1500 qdisc mq state Modo UP DEFAULT grupo predeterminado qlen 1000 link/ether 3c:ec:ef:b7:dd:04 brd ff :ff:ff:ff:ff:ff vf 0 enlace/éter 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff, verificación de suplantación de identidad activada, estado de enlace automático, confianza desactivada • https://git.kernel.org/stable/c/700bbf6c1f9e4ab055528d5ab4ac5815fe4a6c1b https://git.kernel.org/stable/c/1c981792e4ccbc134b468797acdd7781959e6893 https://git.kernel.org/stable/c/be147926140ac48022c9605d7ab0a67387e4b404 https://git.kernel.org/stable/c/d250a81ba813a93563be68072c563aa1e346346d https://git.kernel.org/stable/c/73d9629e1c8c1982f13688c4d1019c3994647ccc •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26825 – nfc: nci: free rx_data_reassembly skb on NCI device cleanup
https://notcve.org/view.php?id=CVE-2024-26825
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rx_data_reassembly skb on NCI device cleanup rx_data_reassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet with NCI_OP_RF_DEACTIVATE_NTF opcode is received. However, the NCI device may be deallocated before that which leads to skb leak. As by design the rx_data_reassembly skb is bound to the NCI device and nothing prevents the device to be freed before the skb is processed in some way and cleaned, free it on the NCI device cleanup. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nfc: nci: rx_data_reassembly skb gratuito en la limpieza del dispositivo NCI rx_data_reassembly skb se almacena durante el intercambio de datos NCI para procesar paquetes fragmentados. Se elimina solo cuando se procesa el último fragmento o cuando se recibe un paquete NTF con el código de operación NCI_OP_RF_DEACTIVATE_NTF. Sin embargo, el dispositivo NCI puede desasignarse antes de lo que provoca una fuga de skb. • https://git.kernel.org/stable/c/6a2968aaf50c7a22fced77a5e24aa636281efca8 https://git.kernel.org/stable/c/7e9a8498658b398bf11b8e388005fa54e40aed81 https://git.kernel.org/stable/c/71349abe3aba7fedcab5b3fcd7aa82371fb5ccbf https://git.kernel.org/stable/c/2f6d16f0520d6505241629ee2f5c131b547d5f9d https://git.kernel.org/stable/c/471c9ede8061357b43a116fa692e70d91941ac23 https://git.kernel.org/stable/c/5c0c5ffaed73cbae6c317374dc32ba6cacc60895 https://git.kernel.org/stable/c/16d3f507b0fa70453dc54550df093d6e9ac630c1 https://git.kernel.org/stable/c/a3d90fb5c23f29ba59c04005ae76c5228 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52642 – media: rc: bpf attach/detach requires write permission
https://notcve.org/view.php?id=CVE-2023-52642
In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires CAP_NET_ADMIN. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: rc: bpf adjunto/detach requiere permiso de escritura. Tenga en cuenta que bpf adjunto/detach también requiere CAP_NET_ADMIN. • https://git.kernel.org/stable/c/93d8109bf182510629bbefc8cd45296d2393987f https://git.kernel.org/stable/c/d98210108e7b2ff64b332b0a3541c8ad6a0617b0 https://git.kernel.org/stable/c/9f6087851ec6dce5b15f694aeaf3e8ec8243224e https://git.kernel.org/stable/c/93136132d1b5792bf44151e3494ae3691cd738e8 https://git.kernel.org/stable/c/caf2da1d4562de4e35eedec0be2b7f1ee25d83be https://git.kernel.org/stable/c/6a9d552483d50953320b9d3b57abdee8d436f23f https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html •
CVSS: -EPSS: 0%CPEs: 8EXPL: 1CVE-2024-26817 – amdkfd: use calloc instead of kzalloc to avoid integer overflow
https://notcve.org/view.php?id=CVE-2024-26817
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: amdkfd: usa calloc en lugar de kzalloc para evitar el desbordamiento de enteros. Esto usa calloc en lugar de hacer la multiplicación que podría desbordarse. • https://github.com/MaherAzzouzi/CVE-2024-26817-amdkfd https://git.kernel.org/stable/c/e6721ea845fcb93a764a92bd40f1afc0d6c69751 https://git.kernel.org/stable/c/8b0564704255c6b3c6a7188e86939f754e1577c0 https://git.kernel.org/stable/c/fcbd99b3c73309107e3be71f20dff9414df64f91 https://git.kernel.org/stable/c/cbac7de1d9901521e78cdc34e15451df3611f2ad https://git.kernel.org/stable/c/e6768c6737f4c02cba193a3339f0cc2907f0b86a https://git.kernel.org/stable/c/315eb3c2df7e4cb18e3eacfa18a53a46f2bf0ef7 https://git.kernel.org/stable/c/0c33d11153949310d76631d8f4a4736519eacd3a http •