CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50118 – btrfs: reject ro->rw reconfiguration if there are hard ro requirements
https://notcve.org/view.php?id=CVE-2024-50118
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (device loop0 state MCS): disabling free space tree BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) Oops: general protection fault, probably for non-canonical address 0xdff... • https://git.kernel.org/stable/c/f044b318675f0347ecfb88377542651ba4eb9e1f •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50117 – drm/amd: Guard against bad data for ATIF ACPI method
https://notcve.org/view.php?id=CVE-2024-50117
05 Nov 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/d38ceaf99ed015f2a0b9af3499791bd3a3daae21 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50116 – nilfs2: fix kernel bug due to missing clearing of buffer delay flag
https://notcve.org/view.php?id=CVE-2024-50116
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50115 – KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
https://notcve.org/view.php?id=CVE-2024-50115
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/e4e517b4be019787ada4cbbce2f04570c21b0cbd • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50114 – KVM: arm64: Unregister redistributor for failed vCPU creation
https://notcve.org/view.php?id=CVE-2024-50114
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f616506754d34bcfdbfbc7508b562e5c98461e9a • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50113 – firewire: core: fix invalid port index for parent device
https://notcve.org/view.php?id=CVE-2024-50113
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/24b7f8e5cd656196a13077e160aec45ad89b58d9 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50112 – x86/lam: Disable ADDRESS_MASKING in most cases
https://notcve.org/view.php?id=CVE-2024-50112
05 Nov 2024 — No hay procesadores en el mercado que admitan LAM todavía, por lo que actualmente nadie se ve afectado por este problema. [1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf [2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ [ dhansen: actualización MITIGACIONES_DE_ESPECULACIÓN -> MITIGACIONES_DE_CPU ] In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a we... • https://git.kernel.org/stable/c/60a5ba560f296ad8da153f6ad3f70030bfa3958f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50111 – LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
https://notcve.org/view.php?id=CVE-2024-50111
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50110 – xfrm: fix one more kernel-infoleak in algo dumping
https://notcve.org/view.php?id=CVE-2024-50110
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/c7a5899eb26e2a4d516d53f65b6dd67be2228041 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50109 – md/raid10: fix null ptr dereference in raid10_size()
https://notcve.org/view.php?id=CVE-2024-50109
05 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/3d8466ba68d444f5528dcbff106e8bf5c7d51aa0 •