CVE-2024-38625 – fs/ntfs3: Check 'folio' pointer for NULL
https://notcve.org/view.php?id=CVE-2024-38625
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check 'folio' pointer for NULL It can be NULL if bmap is called. • https://git.kernel.org/stable/c/82cae269cfa953032fbb8980a7d554d60fb00b17 •
CVE-2024-38624 – fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow
https://notcve.org/view.php?id=CVE-2024-38624
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow For example, in the expression: vbo = 2 * vbo + skip • https://git.kernel.org/stable/c/b46acd6a6a627d876898e1c84d3f84902264b445 •
CVE-2024-38623 – fs/ntfs3: Use variable length array instead of fixed size
https://notcve.org/view.php?id=CVE-2024-38623
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfs_set_label() error: __builtin_memcpy() 'uni->name' too small (20 vs 256) • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e • CWE-129: Improper Validation of Array Index •
CVE-2024-38622 – drm/msm/dpu: Add callback function pointer check before its call
https://notcve.org/view.php?id=CVE-2024-38622
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpu_core_irq_callback_handler() callback function pointer is compared to NULL, but then callback function is unconditionally called by this pointer. Fix this bug by adding conditional return. Found by Linux Verification Center (linuxtesting.org) with SVACE. Patchwork: https://patchwork.fr... • https://git.kernel.org/stable/c/c929ac60b3ed34accd25a052a4833e418900f466 •
CVE-2024-38621 – media: stk1160: fix bounds checking in stk1160_copy_video()
https://notcve.org/view.php?id=CVE-2024-38621
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. ... • https://git.kernel.org/stable/c/9cb2173e6ea8f2948bd1367c93083a2500fcf08f •
CVE-2024-38390 – drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails
https://notcve.org/view.php?id=CVE-2024-38390
21 Jun 2024 — Patchwork: https://patchwork.freedesktop.org/patch/588919/ In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xx_destroy() before adreno_gpu_init() leads to a null pointer dereference on: msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL); as gpu->pdev is only assigned in: a6xx_gpu_init() |_ adreno_gpu_init |_ msm_gpu_init() Instead of relying on handwavy null checks down the cleanup chain, explici... • https://git.kernel.org/stable/c/76efc2453d0e8e5d6692ef69981b183ad674edea •
CVE-2024-38388 – ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup
https://notcve.org/view.php?id=CVE-2024-38388
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup Use the control private_free callback to free the associated data block. ... • https://git.kernel.org/stable/c/3233b978af23f11b4ad4f7f11a9a64bd05702b1f • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVE-2024-38381 – nfc: nci: Fix uninit-value in nci_rx_work
https://notcve.org/view.php?id=CVE-2024-38381
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following uninit-value access issue [1] nci_rx_work() parses received packet from ndev->rx_q. ... • https://git.kernel.org/stable/c/11387b2effbb55f58dc2111ef4b4b896f2756240 •
CVE-2024-37356 – tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
https://notcve.org/view.php?id=CVE-2024-37356
21 Jun 2024 — With this patch: # echo 10 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g # cat /sys/module/tcp_dctcp/parameters/dctcp_shift_g 10 # echo 11 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g -bash: echo: write error: Invalid argument [0]: UBSAN: shift-out-of-bounds in net/ipv4/tcp_dctcp.c:143:12 shift exponent 100 is too large for 32-bit type 'u32' (aka 'unsigned int') CPU: 0 PID: 8083 Comm: syz-executor345 Not tainted 6.9.0-05151-g1b294a1f3561 #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ... • https://git.kernel.org/stable/c/e3118e8359bb7c59555aca60c725106e6d78c5ce • CWE-125: Out-of-bounds Read •
CVE-2024-36489 – tls: fix missing memory barrier in tls_init
https://notcve.org/view.php?id=CVE-2024-36489
21 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tls_init In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}. • https://git.kernel.org/stable/c/d5bee7374b68de3c44586d46e9e61ffc97a1e886 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •