CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56744 – f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason()
https://notcve.org/view.php?id=CVE-2024-56744
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() syzbot reports deadlock issue of f2fs as below: ====================================================== WARNING: possible circular locking dependency detected 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 Not tainted ------------------------------------------------------ kswapd0/79 is trying to acquire lock: ffff888011824088 (&sbi->sb_lock){++++}-{3:3}, at: f2fs_down_write f... • https://git.kernel.org/stable/c/b62e71be2110d8b52bf5faf3c3ed7ca1a0c113a5 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56742 – vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
https://notcve.org/view.php?id=CVE-2024-56742
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any pages successfully added to the SG table will be freed as part of mlx5vf_free_data_buffer(). • https://git.kernel.org/stable/c/6fadb021266d03c5fd7bca2cfa1607efd246dad1 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56741 – apparmor: test: Fix memory leak for aa_unpack_strdup()
https://notcve.org/view.php?id=CVE-2024-56741
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_a... • https://git.kernel.org/stable/c/4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56739 – rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
https://notcve.org/view.php?id=CVE-2024-56739
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup. • https://git.kernel.org/stable/c/6610e0893b8bc6f59b14fed7f089c5997f035f88 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56729 – smb: Initialize cfid->tcon before performing network ops
https://notcve.org/view.php?id=CVE-2024-56729
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break() and then fail to release the ref in cached_dir_offload_close, since cfid->tcon is still NULL. • https://git.kernel.org/stable/c/ebe98f1447bbccf8228335c62d86af02a0ed23f7 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56728 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c
https://notcve.org/view.php?id=CVE-2024-56728
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/75f36270990c7875c0091afb961ca37f52b6bc55 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56727 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c
https://notcve.org/view.php?id=CVE-2024-56727
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/f0a1913f8a6f947531c3042f9d6524946e661b57 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56726 – octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
https://notcve.org/view.php?id=CVE-2024-56726
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/2ca89a2c37527221edc549ffd3b65c6f8d9d4088 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56725 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c
https://notcve.org/view.php?id=CVE-2024-56725
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/8e67558177f8f55dcffa47273c2af0a6f2ab9418 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56724 – mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device
https://notcve.org/view.php?id=CVE-2024-56724
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the... • https://git.kernel.org/stable/c/957ae5098185e763b5c06be6c3b4b6e98c048712 •