CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35945 – net: phy: phy_device: Prevent nullptr exceptions on ISR
https://notcve.org/view.php?id=CVE-2024-35945
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: phy: phy_device: Prevent nullptr exceptions on ISR If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: phy: phy_device: previene excepciones nullptr en ISR. Si phydev->irq está configurado incondicionalmente, verifique si hay un controlador de interrupci... • https://git.kernel.org/stable/c/7a71f61ebf95cedd3f245db6da397822971d8db5 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35944 – VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
https://notcve.org/view.php?id=CVE-2024-35944
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write (size 56) of single field "&dg_info->msg" at drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24) WARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237 dg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237 Some code commentry, based on my understanding: 544... • https://git.kernel.org/stable/c/e87bb99d2df6512d8ee37a5d63d2ca9a39a8c051 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35943 – pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
https://notcve.org/view.php?id=CVE-2024-35943
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: pmdomain: ti: agregue una verificación de puntero null a omap_prm_domain_init devm_kasprintf() devuelve un puntero a la memoria asignada dinámi... • https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35942 – pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain
https://notcve.org/view.php?id=CVE-2024-35942
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is disabled before HDMI/LCDIF probe, LCDIF will not get pixel clock from HDMI PHY and print the error logs: [CRTC:39:crtc-2] vblank wait timed out WARNING: CPU: 2 PID: 9 at drivers/gpu/drm/drm_atomic_helper.c:1634 drm_atom... • https://git.kernel.org/stable/c/9d3f959b426635c4da50dfc7b1306afd84d23e7c •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35940 – pstore/zone: Add a null pointer check to the psz_kmsg_read
https://notcve.org/view.php?id=CVE-2024-35940
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: pstore/zone: agregue una verificación de puntero null a psz_kmsg_read kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL... • https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35939 – dma-direct: Leak pages on dma_set_decrypted() failure
https://notcve.org/view.php?id=CVE-2024-35939
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues. DMA could free decrypted/shared pages if dma... • https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35938 – wifi: ath11k: decrease MHI channel buffer length to 8KB
https://notcve.org/view.php?id=CVE-2024-35938
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenarios where system memory is highly fragmented and memory compaction or reclaim is not allowed. There is a fail report which is caused by it: kworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35937 – wifi: cfg80211: check A-MSDU format more carefully
https://notcve.org/view.php?id=CVE-2024-35937
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more careful and check if the subframe header can even be present. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: comprueba más detenidamente el formato A-MSDU Si parece que hay otra subt... • https://git.kernel.org/stable/c/9eb3bc0973d084423a6df21cf2c74692ff05647e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35936 – btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
https://notcve.org/view.php?id=CVE-2024-35936
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to look for a chunk tree item, with offset -1, this is an inexact search and the key->offset will contain the correct offset upon a successful search, a valid chunk tree item cannot have an offset -1 - after fi... • https://git.kernel.org/stable/c/bebd9e0ff90034875c5dfe4bd514fd7055fc7a89 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35935 – btrfs: send: handle path ref underflow in header iterate_inode_ref()
https://notcve.org/view.php?id=CVE-2024-35935
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel addresses. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: enviar: manejar el desbordamiento de la referencia de ruta en el encabezado iterate_inode_ref() Cambie BUG_ON al manejo adecuado de errores si falla l... • https://git.kernel.org/stable/c/be2b6bcc936ae17f42fff6494106a5660b35d8d3 •