CVE-2024-39492 – mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown
https://notcve.org/view.php?id=CVE-2024-39492
10 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown The return value of pm_runtime_get_sync() in cmdq_mbox_shutdown() will return 1 when pm runtime state is active, and we don't want to get the warning message in this case. So we change the return value < 0 for WARN_ON(). • https://git.kernel.org/stable/c/8afe816b0c9944a11adb12628e3b700a08a55d52 • CWE-252: Unchecked Return Value •
CVE-2024-39491 – ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance
https://notcve.org/view.php?id=CVE-2024-39491
10 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance The cs_dsp instance is initialized in the driver probe() so it should be freed in the driver remove(). Also fix a missing call to cs_dsp_remove() in the error path of cs35l56_hda_common_probe(). The call to cs_dsp_remove() was being done in the component unbind callback cs35l56_hda_unbind(). This meant that if the driver was unbound and then re-bound it would be using an uninitialized c... • https://git.kernel.org/stable/c/73cfbfa9caea8eda54b4c6e49a9555533660aa1e •
CVE-2024-39490 – ipv6: sr: fix missing sk_buff release in seg6_input_core
https://notcve.org/view.php?id=CVE-2024-39490
10 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing sk_buff release in seg6_input_core The seg6_input() function is responsible for adding the SRH into a packet, delegating the operation to the seg6_input_core(). This function uses the skb_cow_head() to ensure that there is sufficient headroom in the sk_buff for accommodating the link-layer header. In the event that the skb_cow_head() function fails, the seg6_input_core() catches the error but it does not release th... • https://git.kernel.org/stable/c/af3b5158b89d3bab9be881113417558c71b71ca4 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2024-39489 – ipv6: sr: fix memleak in seg6_hmac_init_algo
https://notcve.org/view.php?id=CVE-2024-39489
10 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly. • https://git.kernel.org/stable/c/bf355b8d2c30a289232042cacc1cfaea4923936c •
CVE-2024-39488 – arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
https://notcve.org/view.php?id=CVE-2024-39488
10 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes to bug_table entries, and as a result the last entry in a bug table will be ignored, potentially leading to an unexpected panic(). All prior entries in the table will be handled correctly. The arm64 ABI requires that struct fields of up to 8 bytes are naturally-aligned, with padding added within a struct such that... • https://git.kernel.org/stable/c/9fb7410f955f7a62c1f882ca8f9ffd4525907e28 •
CVE-2024-39487 – bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()
https://notcve.org/view.php?id=CVE-2024-39487
09 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string, causing an out-of-bound read. BUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418 Read of size 1 at addr ffff8881119c4781 by task syz-executor665/8107 CPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1 ... • https://git.kernel.org/stable/c/f9de11a165943a55e0fbda714caf60eaeb276a42 •
CVE-2024-39486 – drm/drm_file: Fix pid refcounting race
https://notcve.org/view.php?id=CVE-2024-39486
06 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/drm_file: Fix pid refcounting race
CVE-2024-39485 – media: v4l: async: Properly re-initialise notifier entry in unregister
https://notcve.org/view.php?id=CVE-2024-39485
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Properly re-initialise notifier entry in unregister The notifier_entry of a notifier is not re-initialised after unregistering the notifier. This leads to dangling pointers being left there so use list_del_init() to return the notifier_entry an empty list. • https://git.kernel.org/stable/c/b8ec754ae4c563f6aab8c0cb47aeb2eae67f1da3 • CWE-665: Improper Initialization •
CVE-2024-39484 – mmc: davinci: Don't strip remove function when driver is builtin
https://notcve.org/view.php?id=CVE-2024-39484
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using __exit for the remove function results in the remove callback being discarded with CONFIG_MMC_DAVINCI=y. When such a device gets unbound (e.g. using sysfs or hotplug), the driver is just removed without the cleanup being performed. This results in resource leaks. Fix it by compiling in the remove callback unconditionally. This also fixes a W=1 modpost warning: WARNIN... • https://git.kernel.org/stable/c/b4cff4549b7a8c5fc8b88e3493b6287555f0512c • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-39483 – KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked
https://notcve.org/view.php?id=CVE-2024-39483
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked When requesting an NMI window, WARN on vNMI support being enabled if and only if NMIs are actually masked, i.e. if the vCPU is already handling an NMI. KVM's ABI for NMIs that arrive simultaneously (from KVM's point of view) is to inject one NMI and pend the other. When using vNMI, KVM pends the second NMI simply by setting V_NMI_PENDING, and lets the CPU do the rest (hard... • https://git.kernel.org/stable/c/fa4c027a7956f5e07697bfcb580d25eeb8471257 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •