CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56777 – drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56777
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56776 – drm/sti: avoid potential dereference of error pointers
https://notcve.org/view.php?id=CVE-2024-56776
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: -EPSS: %CPEs: 2EXPL: 0CVE-2024-56775 – drm/amd/display: Fix handling of plane refcount
https://notcve.org/view.php?id=CVE-2024-56775
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up. [How] Cache and re-apply current refcount when restoring plane states... • https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790 •
CVSS: -EPSS: %CPEs: 5EXPL: 0CVE-2024-56774 – btrfs: add a sanity check for btrfs root in btrfs_search_slot()
https://notcve.org/view.php?id=CVE-2024-56774
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the extent tree is NULL. When scrub tries to search the extent tree to gather the needed extent info, btrfs_search_slot() doesn't check if the target root is NULL or not, resulting the null-ptr-deref. Add sanity check for btrfs root before... • https://git.kernel.org/stable/c/42437a6386ffeaaf200731e73d723ea491f3fe7d •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2024-56770 – net/sched: netem: account for backlog updates from child qdisc
https://notcve.org/view.php?id=CVE-2024-56770
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' only accounts for the packets in its internal tfifo. When netem is used with a child qdisc, the child qdisc can use 'qdisc_tree_reduce_backlog' to inform its parent, netem, about created or dropped SKBs. This function u... • https://git.kernel.org/stable/c/50612537e9ab29693122fab20fc1eed235054ffe •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56769 – media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
https://notcve.org/view.php?id=CVE-2024-56769
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values. Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem. [1] Syzkaller report dvb-usb: bu... • https://git.kernel.org/stable/c/74340b0a8bc60b400c7e5fe4950303aa6f914d16 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56767 – dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
https://notcve.org/view.php?id=CVE-2024-56767
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: at_xdmac: evitar null_prt_deref en at_xdmac_prep_dma_memset El... • https://git.kernel.org/stable/c/b206d9a23ac71cb905f5fb6e0cd813406f89b678 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56766 – mtd: rawnand: fix double free in atmel_pmecc_create_user()
https://notcve.org/view.php?id=CVE-2024-56766
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The "user" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: rawnand: se corrige una liberación doble en atmel_pmecc_create_user(). El puntero "usuario" pasó de estar asignado con kzalloc() a estar asignado por devm_kza... • https://git.kernel.org/stable/c/24cbc37e837fd9e31e5024480b779207d1d99f1d •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56765 – powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
https://notcve.org/view.php?id=CVE-2024-56765
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the paste address if the window is active. The paste address mapping will be removed when the window is closed or with the munmap(). But the VMA address in the VAS window is not updated with munmap() which is causing invalid access during mig... • https://git.kernel.org/stable/c/37e6764895ef7431f45ff603a548549d409993d2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56763 – tracing: Prevent bad count for tracing_cpumask_write
https://notcve.org/view.php?id=CVE-2024-56763
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tracing: Evitar recuento incorrecto para tracing_cpumask_write Si se proporciona un recuento alto, se activará una advertencia en bitmap_parse_user. También verifique que esté a cero. In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/9e01c1b74c9531e301c900edaa92a99fcb7738f2 •