CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39477 – mm/hugetlb: do not call vma_add_reservation upon ENOMEM
https://notcve.org/view.php?id=CVE-2024-39477
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: do not call vma_add_reservation upon ENOMEM sysbot reported a splat [1] on __unmap_hugepage_range(). This is because vma_needs_reservation() can return -ENOMEM if allocate_file_region_entries() fails to allocate the file_region struct for the reservation. Check for that and do not call vma_add_reservation() if that is the case, otherwise region_abort() and region_del() will see that we do not have any file_regions. If we detect ... • https://git.kernel.org/stable/c/df7a6d1f64056aec572162c5d35ed9ff86ece6f3 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-39476 – md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
https://notcve.org/view.php?id=CVE-2024-39476
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Xiao reported that lvm2 test lvconvert-raid-takeover.sh can hang with small possibility, the root cause is exactly the same as commit bed9e27baf52 ("Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"") However, Dan reported another hang after that, and junxiao investigated the problem and found out that this is caused by plugged bio can't issue from r... • https://git.kernel.org/stable/c/f3d55bd5b7b928ad82f8075d89c908702f3593ab • CWE-667: Improper Locking CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39475 – fbdev: savage: Handle err return when savagefb_check_var failed
https://notcve.org/view.php?id=CVE-2024-39475
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Handle err return when savagefb_check_var failed The commit 04e5eac8f3ab("fbdev: savage: Error out if pixclock equals zero") checks the value of pixclock to avoid divide-by-zero error. However the function savagefb_probe doesn't handle the error return of savagefb_check_var. When pixclock is 0, it will cause divide-by-zero error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: fbdev: savage: Maneja el retor... • https://git.kernel.org/stable/c/224453de8505aede1890f007be973925a3edf6a1 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39474 – mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL
https://notcve.org/view.php?id=CVE-2024-39474
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but it presents a conflict with commit dd544141b9eb ("vmalloc: back off when the current task is OOM-killed"). A possible scenario is as follows: process-a __vmalloc_node_range(GFP_KERNEL | __GFP_NOFAIL) __vmalloc_area_node() vm_area_alloc_pages() --> oom-killer s... • https://git.kernel.org/stable/c/9376130c390a76fac2788a5d6e1a149017b4ab50 • CWE-476: NULL Pointer Dereference CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39473 – ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
https://notcve.org/view.php?id=CVE-2024-39473
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: SOF: ipc4-topology: arregla la consulta de formato ... • https://git.kernel.org/stable/c/648fea12847695d60ddeebea86597114885ee76e • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39472 – xfs: fix log recovery buffer allocation for the legacy h_size fixup
https://notcve.org/view.php?id=CVE-2024-39472
05 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup Commit a70f9fe52daa ("xfs: detect and handle invalid iclog size set by mkfs") added a fixup for incorrect h_size values used for the initial umount record in old xfsprogs versions. Later commit 0c771b99d6c9 ("xfs: clean up calculation of LR header blocks") cleaned up the log reover buffer calculation, but stoped using the fixed up h_size value to size the log recovery buffe... • https://git.kernel.org/stable/c/0c771b99d6c9a0552fea5cc43669b726dad8f659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39471 – drm/amdgpu: add error handle to avoid out-of-bounds
https://notcve.org/view.php?id=CVE-2024-39471
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL. • https://git.kernel.org/stable/c/5594971e02764aa1c8210ffb838cb4e7897716e8 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39470 – eventfs: Fix a possible null pointer dereference in eventfs_find_events()
https://notcve.org/view.php?id=CVE-2024-39470
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: eventfs: Fix a possible null pointer dereference in eventfs_find_events() In function eventfs_find_events,there is a potential null pointer that may be caused by calling update_events_attr which will perform some operations on the members of the ei struct when ei is NULL. Hence,When ei->is_freed is set,return NULL directly. In the Linux kernel, the following vulnerability has been resolved: eventfs: Fix a possible null pointer dereference i... • https://git.kernel.org/stable/c/628adb842bd5e1c2c598534a7a022b8235289de6 •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39469 – nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors
https://notcve.org/view.php?id=CVE-2024-39469
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but con... • https://git.kernel.org/stable/c/2ba466d74ed74f073257f86e61519cb8f8f46184 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-39468 – smb: client: fix deadlock in smb2_find_smb_tcon()
https://notcve.org/view.php?id=CVE-2024-39468
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock. • https://git.kernel.org/stable/c/b055752675cd1d1db4ac9c2750db3dc3e89ea261 •