CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27073 – media: ttpci: fix two memleaks in budget_av_attach
https://notcve.org/view.php?id=CVE-2024-27073
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init does. Besides, there are two fixme comment refers to such deallocations. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: ttpci: corrige dos fugas de mem en Budget_av_attach Cuando fallan saa7146_register_devi... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27072 – media: usbtv: Remove useless locks in usbtv_video_free()
https://notcve.org/view.php?id=CVE-2024-27072
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000 Also remove usbtv_stop() call since it will be called when unregistering the device. Before 'c838530d230b' this issue would only be noticed if you disconnect while streaming and now it is noticeable even when disconnecting... • https://git.kernel.org/stable/c/f3d27f34fdd7701e499617d2c1d94480a98f6d07 •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27065 – netfilter: nf_tables: do not compare internal table flags on updates
https://notcve.org/view.php?id=CVE-2024-27065
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: no comparar indicadores de tablas internas en las actualizaciones Restaurar la transacción omitida si la actualización de la tabla no modifica los indicadores. • https://git.kernel.org/stable/c/e10f661adc556c4969c70ddaddf238bffdaf1e87 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52653 – SUNRPC: fix a memleak in gss_import_v2_context
https://notcve.org/view.php?id=CVE-2023-52653
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error. Thus, this patch reform the last call of gss_import_v2_context to the gss_krb5_import_ctx_v2, preventing the memleak while keepping the return formation. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: SUNRPC: cor... • https://git.kernel.org/stable/c/47d84807762966c3611c38adecec6ea703ddda7a •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52652 – NTB: fix possible name leak in ntb_register_device()
https://notcve.org/view.php?id=CVE-2023-52652
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntb_register_device() If device_register() fails in ntb_register_device(), the device name allocated by dev_set_name() should be freed. As per the comment in device_register(), callers should use put_device() to give up the reference in the error path. So fix this by calling put_device() in the error path so that the name can be freed in kobject_cleanup(). As a result of this, put_device() in the error path of... • https://git.kernel.org/stable/c/a1bd3baeb2f18b2b3d0f98ce5fdaa725149b950b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27062 – nouveau: lock the client object tree.
https://notcve.org/view.php?id=CVE-2024-27062
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI [ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27 [ 4562.099324] Hardware name: Gigabyte Technology Co.... • https://git.kernel.org/stable/c/6887314f5356389fc219b8152e951ac084a10ef7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27059 – USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
https://notcve.org/view.php?id=CVE-2024-27059
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ or WRITE commands. The calculation involves division and modulus operations, which will cause a crash if either of these values is 0. While this never happens with a genuine device, it could happen with a flawed or... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27057 – ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend
https://notcve.org/view.php?id=CVE-2024-27057
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during suspend the DSP is turned off, streams will be re-started after resume. If the firmware crashes during while audio is running (or when we reset the stream before suspend) then the sof_ipc4_set_multi_pipeline_state() will fail with IPC error and th... • https://git.kernel.org/stable/c/3cac6eebea9b4bc5f041e157e45c76e212ad6759 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27056 – wifi: iwlwifi: mvm: ensure offloading TID queue exists
https://notcve.org/view.php?id=CVE-2024-27056
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware. In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time. En el kernel de Li... • https://git.kernel.org/stable/c/ed35a509390ef4011ea2226da5dd6f62b73873b5 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27054 – s390/dasd: fix double module refcount decrement
https://notcve.org/view.php?id=CVE-2024-27054
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix double module refcount decrement Once the discipline is associated with the device, deleting the device takes care of decrementing the module's refcount. Doing it manually on this error path causes refcount to artificially decrease on each error while it should just stay the same. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/dasd: corrige la disminución del doble recuento del módulo Una vez que la d... • https://git.kernel.org/stable/c/c020d722b110a44c613ef71e657e6dd4116e09d9 •