CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56745 – PCI: Fix reset_method_store() memory leak
https://notcve.org/view.php?id=CVE-2024-56745
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name = strsep(&options, " ")) != NULL) { If there are no remaining spaces, then options is set to NULL by strsep(), so the subsequent kfree(options) doesn't free the memory allocated via kstrndup(). Fix by using a separate tmp_options... • https://git.kernel.org/stable/c/d88f521da3efd698e36d0d504a2abba6ac4f5ef8 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56744 – f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason()
https://notcve.org/view.php?id=CVE-2024-56744
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() syzbot reports deadlock issue of f2fs as below: ====================================================== WARNING: possible circular locking dependency detected 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 Not tainted ------------------------------------------------------ kswapd0/79 is trying to acquire lock: ffff888011824088 (&sbi->sb_lock){++++}-{3:3}, at: f2fs_down_write f... • https://git.kernel.org/stable/c/b62e71be2110d8b52bf5faf3c3ed7ca1a0c113a5 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56742 – vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
https://notcve.org/view.php?id=CVE-2024-56742
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any pages successfully added to the SG table will be freed as part of mlx5vf_free_data_buffer(). • https://git.kernel.org/stable/c/6fadb021266d03c5fd7bca2cfa1607efd246dad1 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56741 – apparmor: test: Fix memory leak for aa_unpack_strdup()
https://notcve.org/view.php?id=CVE-2024-56741
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_a... • https://git.kernel.org/stable/c/4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56739 – rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
https://notcve.org/view.php?id=CVE-2024-56739
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup. • https://git.kernel.org/stable/c/6610e0893b8bc6f59b14fed7f089c5997f035f88 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56729 – smb: Initialize cfid->tcon before performing network ops
https://notcve.org/view.php?id=CVE-2024-56729
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break() and then fail to release the ref in cached_dir_offload_close, since cfid->tcon is still NULL. • https://git.kernel.org/stable/c/ebe98f1447bbccf8228335c62d86af02a0ed23f7 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56728 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c
https://notcve.org/view.php?id=CVE-2024-56728
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/75f36270990c7875c0091afb961ca37f52b6bc55 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56727 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c
https://notcve.org/view.php?id=CVE-2024-56727
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/f0a1913f8a6f947531c3042f9d6524946e661b57 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56726 – octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
https://notcve.org/view.php?id=CVE-2024-56726
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/2ca89a2c37527221edc549ffd3b65c6f8d9d4088 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56725 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c
https://notcve.org/view.php?id=CVE-2024-56725
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/8e67558177f8f55dcffa47273c2af0a6f2ab9418 •