CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26973 – fat: fix uninitialized field in nostale filehandles
https://notcve.org/view.php?id=CVE-2024-26973
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the f... • https://git.kernel.org/stable/c/ea3983ace6b79c96e6ab3d3837e2eaf81ab881e2 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26971 – clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26971
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom: gcc-ipq5018: correcci... • https://git.kernel.org/stable/c/e3fdbef1bab8e372981c8cc4d8febbaa76c490b0 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-26970 – clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26970
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom:... • https://git.kernel.org/stable/c/d9db07f088af01a1080d01de363141b673c7d646 • CWE-125: Out-of-bounds Read •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26969 – clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26969
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom:... • https://git.kernel.org/stable/c/9607f6224b3966652ce3f4e620c4694df190b64a •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26968 – clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26968
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom:... • https://git.kernel.org/stable/c/d75b82cff48883b5e75abfd3930afa7a148ab440 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26966 – clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26966
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom... • https://git.kernel.org/stable/c/2b46cd23a5a2cf0b8d3583338b63409f5e78e7cd •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26965 – clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
https://notcve.org/view.php?id=CVE-2024-26965
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: qcom... • https://git.kernel.org/stable/c/d8b212014e69d6b6323773ce6898f224ef4ed0d6 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-26964 – usb: xhci: Add error handling in xhci_map_urb_for_dma
https://notcve.org/view.php?id=CVE-2024-26964
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzalloc_node() fails, then the following sg_pcopy_to_buffer() can lead to crash since it tries to memcpy to NULL pointer. So return -ENOMEM if kzalloc returns null pointer. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: xhci: agregar manejo d... • https://git.kernel.org/stable/c/2017a1e58472a27e532b9644b4a61dfe18f6baac •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26963 – usb: dwc3-am62: fix module unload/reload behavior
https://notcve.org/view.php?id=CVE-2024-26963
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-am62: fix module unload/reload behavior As runtime PM is enabled, the module can be runtime suspended when .remove() is called. Do a pm_runtime_get_sync() to make sure module is active before doing any register operations. Doing a pm_runtime_put_sync() should disable the refclk so no need to disable it again. Fixes the below warning at module removel. [ 39.705310] ------------[ cut here ]------------ [ 39.710004] clk:162... • https://git.kernel.org/stable/c/e8784c0aec03a2581ee55827ba694e129d6a57ad •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26962 – dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape
https://notcve.org/view.php?id=CVE-2024-26962
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. However, for dm-raid, in following cases reshape will never make progress hence IO will hang: 1) the array is read-only; 2) MD_RECOVERY_WAIT is set; 3) MD_RECOVERY_FROZEN is set; After commit c467e97f079f ("md/raid6: use valid sector v... • https://git.kernel.org/stable/c/5943a34bf6bab5801e08a55f63e1b8d5bc90dae1 •