CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39462 – clk: bcm: dvp: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39462
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer about the number of elements in hws, so that it can warn when hws is accessed out of bounds. In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->... • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39461 – clk: bcm: rpi: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39461
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer about the number of elements in hws, so that it can warn when hws is accessed out of bounds. In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign ->... • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39371 – io_uring: check for non-NULL file pointer in io_file_can_poll()
https://notcve.org/view.php?id=CVE-2024-39371
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced async preparation path, if no file had been assigned. In the Linux kernel, the following vulnerability has been resolved: io_uring: check for non-NULL file pointer in io_file_can_poll() In earlier kernels, it was possible to trigger a NULL pointer dereference off the forced as... • https://git.kernel.org/stable/c/a76c0b31eef50fdb8b21d53a6d050f59241fb88e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39301 – net/9p: fix uninit-value in p9_client_rpc()
https://notcve.org/view.php?id=CVE-2024-39301
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net/9p: fix uninit-value in p9_client_rpc() Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline] BUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754 trace_9p_client_res include/trace/events/9p.h:146 [inline] p9_client_rpc+0x1314/0x1340 net/9p/client.c:754 p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031 v9fs_sessio... • https://git.kernel.org/stable/c/348b59012e5c6402741d067cf6eeeb6271999d06 •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-39298 – mm/memory-failure: fix handling of dissolved but not taken off from buddy pages
https://notcve.org/view.php?id=CVE-2024-39298
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00 flags: 0x6fffe0000000000(node=1|zone=2|lastcpupid=0x7fff) raw: 06fffe0000000000 dead000000000100 dead000000000122 0000000000000000 raw: 0000000000000000 0000000000000009 00000000ffffffff 0000000000000000 page dumped bec... • https://git.kernel.org/stable/c/ceaf8fbea79a854373b9fc03c9fde98eb8712725 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39296 – bonding: fix oops during rmmod
https://notcve.org/view.php?id=CVE-2024-39296
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). ... In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). • https://git.kernel.org/stable/c/cc317ea3d9272fab4f6fef527c865f30ca479394 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-39293 – Revert "xsk: Support redirect to any socket bound to the same umem"
https://notcve.org/view.php?id=CVE-2024-39293
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. ... In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. • https://git.kernel.org/stable/c/19cb40b1064566ea09538289bfcf5bc7ecb9b6f5 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-39276 – ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
https://notcve.org/view.php?id=CVE-2024-39276
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() Syzbot reports a warning as follows: ============================================ WARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290 Modules linked in: CPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7 RIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38661 – s390/ap: Fix crash in AP internal function modify_bitmap()
https://notcve.org/view.php?id=CVE-2024-38661
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap() A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using kernel ASCE. In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap() A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while... • https://git.kernel.org/stable/c/2062e3f1f2374102f8014d7ca286b9aa527bd558 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38385 – genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()
https://notcve.org/view.php?id=CVE-2024-38385
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means the descriptor can be freed between mt_find() and the dereference: CPU0 CPU1 desc = mt_find() delayed_free_desc(desc) irq_desc_get_irq(desc) The use-after-free is reported by KASAN: Call trace: irq_get_next_irq+... • https://git.kernel.org/stable/c/721255b9826bd11c7a38b585905fc2dd0fb94e52 •