CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36029 – mmc: sdhci-msm: pervent access to suspended controller
https://notcve.org/view.php?id=CVE-2024-36029
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller Generic sdhci code registers LED device and uses host->runtime_suspended flag to protect access to it. The sdhci-msm driver doesn't set this flag, which causes a crash when LED is accessed while controller is runtime suspended. Fix this by setting the flag correctly. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: sdhci-msm: acceso prohibido al controlador susp... • https://git.kernel.org/stable/c/67e6db113c903f2b8af924400b7b43ade4b9ac5c •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36028 – mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio()
https://notcve.org/view.php?id=CVE-2024-36028
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() When I did memory failure tests recently, below warning occurs: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 __lock_acquire+0xccb/0x1ca0 Modules linked in: mce_inject hwpoison_inject CPU: 8 PID: 1011 Comm: bash Kdump: loaded Not tainted 6.9.0-rc3-next-20240410-00012-gdb69f219f4be #3 Hardware name: QEMU Standard PC (i440FX + PIIX,... • https://git.kernel.org/stable/c/1b4ce2952b4f33e198d5e993acff0611dff1e399 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36027 – btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer
https://notcve.org/view.php?id=CVE-2024-36027
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: do not flag ZEROOUT on non-dirty extent buffer Btrfs clears the content of an extent buffer marked as EXTENT_BUFFER_ZONED_ZEROOUT before the bio submission. This mechanism is introduced to prevent a write hole of an extent buffer, which is once allocated, marked dirty, but turns out unnecessary and cleaned up within one transaction operation. Currently, btrfs_clear_buffer_dirty() marks the extent buffer as EXTENT_BUFFER_ZON... • https://git.kernel.org/stable/c/aa6313e6ff2bfbf736a2739047bba355d8241584 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36026 – drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
https://notcve.org/view.php?id=CVE-2024-36026
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD message avoids this failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/pm: corrige un bloqueo aleatorio en S4 para SMU v13.0.4/11 Al realizar múltiples pruebas de estrés de S4, GC/RLC... • https://git.kernel.org/stable/c/bd9b94055c3deb2398ee4490c1dfdf03f53efb8f •
CVSS: 5.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36025 – scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
https://notcve.org/view.php?id=CVE-2024-36025
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to prevent memory corruption. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: qla2xxx: arreglada por uno en qla_edif_app_getstats() La matriz app_reply->elem[] se asignó anteriormente en esta función y tiene elemento... • https://git.kernel.org/stable/c/7878f22a2e03b69baf792f74488962981a1c9547 • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36024 – drm/amd/display: Disable idle reallow as part of command/gpint execution
https://notcve.org/view.php?id=CVE-2024-36024
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and touch the INBOX1 RPTR causing a HW hang. [How] Disable the reallow to ensure that we have enough of a gap between entry and exit and we're not seeing back-to-back wake_and_executes. En el kernel de Linux, se re... • https://git.kernel.org/stable/c/2aac387445610d6dfd681f5214388e86f5677ef7 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36023 – Julia Lawall reported this null pointer dereference, this should fix it.
https://notcve.org/view.php?id=CVE-2024-36023
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Julia Lawall reported this null pointer dereference, this should fix it. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Julia Lawall informó esta desreferencia de puntero nulo, esto debería solucionarlo. • https://git.kernel.org/stable/c/2e2177f94c0e0bc41323d7b6975a5f4820ed347e • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36022 – drm/amdgpu: Init zone device and drm client after mode-1 reset on reload
https://notcve.org/view.php?id=CVE-2024-36022
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload In passthrough environment, when amdgpu is reloaded after unload, mode-1 is triggered after initializing the necessary IPs, That init does not include KFD, and KFD init waits until the reset is completed. KFD init is called in the reset handler, but in this case, the zone device and drm client is not initialized, causing app to create kernel panic. v2: Removing the ... • https://git.kernel.org/stable/c/4f8154f775197d0021b690c2945d6a4d8094c8f6 • CWE-908: Use of Uninitialized Resource •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36021 – net: hns3: fix kernel crash when devlink reload during pf initialization
https://notcve.org/view.php?id=CVE-2024-36021
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during pf initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, processing the devlink reload during initialization may lead to kernel crash. This patch fixes this by taking devl_lock during initialization. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: soluciona ... • https://git.kernel.org/stable/c/b741269b275953786832805df329851299ab4de7 •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-36020 – i40e: fix vf may be used uninitialized in this function warning
https://notcve.org/view.php?id=CVE-2024-36020
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the information is the root cause. In this function before the fix bumping v didn't mean bumping vf pointer. But the code used this variables interchangeably, so stale vf could point to different/not intended vf. Rem... • https://git.kernel.org/stable/c/76ed715836c6994bac29d9638e9314e6e3b08651 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •