CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-38590 – RDMA/hns: Modify the print level of CQE error
https://notcve.org/view.php?id=CVE-2024-38590
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Modify the print level of CQE error Too much print may lead to a panic in kernel. Change ibdev_err() to ibdev_err_ratelimited(), and change the printing level of cqe dump to debug level. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/hns: Modifique el nivel de impresión del error CQE. Demasiada impresión puede provocar pánico en el kernel. Cambie ibdev_err() a ibdev_err_ratelimited() y cambie el nivel de i... • https://git.kernel.org/stable/c/7c044adca272768d821921f11d3da4587dcec68a •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38589 – netrom: fix possible dead-lock in nr_rt_ioctl()
https://notcve.org/view.php?id=CVE-2024-38589
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(nr_node) [1] WARNING: possible circular locking dependency detected 6.9.0-rc7-syzkaller-02147-g654de42f3fc6 #0 Not tainted ------------------------------------------------------ syz-executor350/5129 is trying to acquire lock: ffff8880186e2070 (&nr_node->node_l... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38588 – ftrace: Fix possible use-after-free issue in ftrace_location()
https://notcve.org/view.php?id=CVE-2024-38588
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftrace_location() KASAN reports a bug: BUG: KASAN: use-after-free in ftrace_location+0x90/0x120 Read of size 8 at addr ffff888141d40010 by task insmod/424 CPU: 8 PID: 424 Comm: insmod Tainted: G W 6.9.0-rc2+ [...] Call Trace:
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38587 – speakup: Fix sizeof() vs ARRAY_SIZE() bug
https://notcve.org/view.php?id=CVE-2024-38587
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can the still got out of bounds. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Speakup: corrige el error sizeof() vs ARRAY_SIZE() El puntero "buf" es una matriz de valores u16. Este código debería usar ARRAY_SIZE() (que es 256) en lu... • https://git.kernel.org/stable/c/756c5cb7c09e537b87b5d3acafcb101b2ccf394f •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-38586 – r8169: Fix possible ring buffer corruption on fragmented Tx packets.
https://notcve.org/view.php?id=CVE-2024-38586
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently leading to calls to dma_unmap_single() with a null address. This was caused by rtl8169_start_xmit() not noticing changes to nr_frags which may occur when small packets are padded (to work around hardware quirks) in... • https://git.kernel.org/stable/c/9020845fb5d6bb4876a38fdf1259600e7d9a63d4 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38585 – tools/nolibc/stdlib: fix memory error in realloc()
https://notcve.org/view.php?id=CVE-2024-38585
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tools/nolibc/stdlib: fix memory error in realloc() Pass user_p_len to memcpy() instead of heap->len to prevent realloc() from copying an extra sizeof(heap) bytes from beyond the allocated region. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tools/nolibc/stdlib: corrige el error de memoria en realloc() Pase user_p_len a memcpy() en lugar de heap->len para evitar que realloc() copie un tamaño extra de(heap) bytes más ... • https://git.kernel.org/stable/c/0e0ff638400be8f497a35b51a4751fd823f6bd6a •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38584 – net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()
https://notcve.org/view.php?id=CVE-2024-38584
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe() In the prueth_probe() function, if one of the calls to emac_phy_connect() fails due to of_phy_connect() returning NULL, then the subsequent call to phy_attached_info() will dereference a NULL pointer. Check the return code of emac_phy_connect and fail cleanly if there is an error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ti: icssg_prueth: co... • https://git.kernel.org/stable/c/128d5874c0822105ae9556d5435fb8562aff2e3b •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38583 – nilfs2: fix use-after-free of timer for log writer thread
https://notcve.org/view.php?id=CVE-2024-38583
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-free issue and potential deadlock issue on unmount, and a potential freeze issue in event synchronization found during their analysis. Details are described in each commit log. This patch (of 3): A use-after-free issue has been reported ... • https://git.kernel.org/stable/c/fdce895ea5dd4e24edf1f4d693827349a4e5b3b4 •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38582 – nilfs2: fix potential hang in nilfs_detach_log_writer()
https://notcve.org/view.php?id=CVE-2024-38582
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfs_detach_log_writer() Syzbot has reported a potential hang in nilfs_detach_log_writer() called during nilfs2 unmount. Analysis revealed that this is because nilfs_segctor_sync(), which synchronizes with the log writer thread, can be called after nilfs_segctor_destroy() terminates that thread, as shown in the call trace below: nilfs_detach_log_writer nilfs_segctor_destroy nilfs_segctor_kill_thread --> Shut d... • https://git.kernel.org/stable/c/911d38be151921a5d152bb55e81fd752384c6830 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38581 – drm/amdgpu/mes: fix use-after-free issue
https://notcve.org/view.php?id=CVE-2024-38581
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpu_mes.c En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amdgpu/mes: soluciona el problema de use-after-free. Elimina el temporizador de reserva de valla para solucionar el problema de use-after-free. v2: pasar a amdgpu_mes.c A flaw was found in the Linux kernel. This issue is due to a possible use... • https://git.kernel.org/stable/c/70b1bf6d9edc8692d241f59a65f073aec6d501de •