CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26774 – ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt
https://notcve.org/view.php?id=CVE-2024-26774
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap is corrupted. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evitar dividir por 0 en mb_update_avg_fragment_size() cuando el mapa de bits del bloque está dañado. Determine si bb_fragments es 0 en lugar de de... • https://git.kernel.org/stable/c/687061cfaa2ac3095170e136dd9c29a4974f41d4 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26773 – ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
https://notcve.org/view.php?id=CVE-2024-26773
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a group with a corrupted block bitmap in the following concurrency and making the situation worse. ext4_mb_regular_allocator ext4_lock_group(sb, group) ext4_mb_good_group // check if the group bbitmap is corrupted ext4_mb_complex_scan_... • https://git.kernel.org/stable/c/21f8cfe79f776287459343e9cfa6055af61328ea • CWE-229: Improper Handling of Values •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26772 – ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
https://notcve.org/view.php?id=CVE-2024-26772
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a corrupted block bitmap. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ext4: evita asignar bloques del grupo corrupto en ext4_mb_find_by_goal() Coloca la lógica para verificar si el mapa de ... • https://git.kernel.org/stable/c/5a6dcc4ad0f7f7fa8e8d127b5526e7c5f2d38a43 • CWE-229: Improper Handling of Values •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-26771 – dmaengine: ti: edma: Add some null pointer checks to the edma_probe
https://notcve.org/view.php?id=CVE-2024-26771
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Add some null pointer checks to the edma_probe devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: dmaengine: ti: edma: agregue algunas comprobaciones de puntero nulo a edma_probe devm_kasprintf() devuelve un puntero a la memoria asignada di... • https://git.kernel.org/stable/c/c432094aa7c9970f2fa10d2305d550d3810657ce •
CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26769 – nvmet-fc: avoid deadlock on delete association path
https://notcve.org/view.php?id=CVE-2024-26769
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work into its own work item. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet-fc: evita el punto muerto al eliminar la ruta de asociación Al eliminar una asociación, la ruta de cierre se bloquea porque intentamos vaci... • https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4 • CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26767 – drm/amd/display: fixed integer types and null check locations
https://notcve.org/view.php?id=CVE-2024-26767
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: tipos de enteros fijos y ubicaciones de verificación nula [por qué]: problemas solucionados: - comparación con un tipo de entero más amplio en condició... • https://git.kernel.org/stable/c/71783d1ff65204d69207fd156d4b2eb1d3882375 • CWE-170: Improper Null Termination •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26766 – IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
https://notcve.org/view.php?id=CVE-2024-26766
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `sendmsg` system call. [ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI [ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1] -- [... • https://git.kernel.org/stable/c/d1c1ee052d25ca23735eea912f843bc7834781b4 •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26764 – fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
https://notcve.org/view.php?id=CVE-2024-26764
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+... • https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26763 – dm-crypt: don't modify the data when using authenticated encryption
https://notcve.org/view.php?id=CVE-2024-26763
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data into the clone bio first and then encrypt them inside the clone bio. This may reduce performance, but it is needed to prevent the user from corrupting the device by writing data with O_DIRECT and modifying them a... • https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26759 – mm/swap: fix race when skipping swapcache
https://notcve.org/view.php?id=CVE-2024-26759
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) becau... • https://git.kernel.org/stable/c/0bcac06f27d7528591c27ac2b093ccd71c5d0168 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •