CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41034 – nilfs2: fix kernel bug on rename operation of broken directory
https://notcve.org/view.php?id=CVE-2024-41034
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug on rename operation of broken directory Syzbot reported that in rename directory operation on broken directory on nilfs2, __block_write_begin_int() called to prepare block write may fail BUG_ON check for access exceeding the folio/page size. This is because nilfs_dotdot(), which gets parent directory reference entry ("..") of the directory to be moved or renamed, does not check consistency enough, and may return location exceeding folio/page size for broken directories. Fix this issue by checking required directory entries ("." and "..") in the first chunk of the directory in nilfs_dotdot(). • https://git.kernel.org/stable/c/2ba466d74ed74f073257f86e61519cb8f8f46184 https://git.kernel.org/stable/c/ff9767ba2cb949701e45e6e4287f8af82986b703 https://git.kernel.org/stable/c/24c1c8566a9b6be51f5347be2ea76e25fc82b11e https://git.kernel.org/stable/c/a9a466a69b85059b341239766a10efdd3ee68a4b https://git.kernel.org/stable/c/7000b438dda9d0f41a956fc9bffed92d2eb6be0d https://git.kernel.org/stable/c/1a8879c0771a68d70ee2e5e66eea34207e8c6231 https://git.kernel.org/stable/c/60f61514374e4a0c3b65b08c6024dd7e26150bfd https://git.kernel.org/stable/c/298cd810d7fb687c90a14d8f9fd1b8719 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41033 – cachestat: do not flush stats in recency check
https://notcve.org/view.php?id=CVE-2024-41033
In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat() is flushing stats, which can sleep, in its RCU read section (see [1]). • https://git.kernel.org/stable/c/b006847222623ac3cda8589d15379eac86a2bcb7 https://git.kernel.org/stable/c/1d1ba14e00d290b1ed616ed78c8c49bf897ce390 https://git.kernel.org/stable/c/5a4d8944d6b1e1aaaa83ea42c116b520b4ed0394 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41032 – mm: vmalloc: check if a hash-index is in cpu_possible_mask
https://notcve.org/view.php?id=CVE-2024-41032
In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. • https://git.kernel.org/stable/c/062eacf57ad91b5c272f89dc964fd6dd9715ea7d https://git.kernel.org/stable/c/28acd531c9a365dac01b32e6bc54aed8c1429bcb https://git.kernel.org/stable/c/47f9b6e49b422392fb0e348a65eb925103ba1882 https://git.kernel.org/stable/c/a34acf30b19bc4ee3ba2f1082756ea2604c19138 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41031 – mm/filemap: skip to create PMD-sized page cache if needed
https://notcve.org/view.php?id=CVE-2024-41031
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: skip to create PMD-sized page cache if needed On ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. ... A vulnerability was found in the Linux kernel related to how large page caching is handled, particularly for AMD64 architectures. • https://git.kernel.org/stable/c/4687fdbb805a92ce5a9f23042c436dc64fef8b77 https://git.kernel.org/stable/c/06b5a69c27ec405a3c3f2da8520ff1ee70b94a21 https://git.kernel.org/stable/c/1ef650d3b1b2a16473981b447f38705fe9b93972 https://git.kernel.org/stable/c/3390916aca7af1893ed2ebcdfee1d6fdb65bb058 https://access.redhat.com/security/cve/CVE-2024-41031 https://bugzilla.redhat.com/show_bug.cgi?id=2300395 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41030 – ksmbd: discard write access to the directory open
https://notcve.org/view.php?id=CVE-2024-41030
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open may_open() does not allow a directory to be opened with the write access. However, some writing flags set by client result in adding write access on server, making ksmbd incompatible with FUSE file system. • https://git.kernel.org/stable/c/66cf853e1c7a2407f15d9f7aaa3e47d61745e361 https://git.kernel.org/stable/c/9e84b1ba5c98fb5c9f869c85db1d870354613baa https://git.kernel.org/stable/c/198498b2049c0f11f7670be6974570e02b0cc035 https://git.kernel.org/stable/c/e2e33caa5dc2eae7bddf88b22ce11ec3d760e5cd •