CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-49927 – x86/ioapic: Handle allocation failures gracefully
https://notcve.org/view.php?id=CVE-2024-49927
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irq_pin_list (-1,0,20) Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed panic+0x4e9/0x590 mp_irqdomain_alloc+0x9ab/0xa80 irq_domain_alloc_irqs_locked+0x25d/0x8d0 __irq_domain_alloc_irqs+0x80/0x110 mp_map_pin_to_irq+0x645/0x890 acpi_register_g... • https://git.kernel.org/stable/c/e479cb835feeb2abff97f25766e23b96a6eabe28 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-49926 – rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()
https://notcve.org/view.php?id=CVE-2024-49926
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is defined as NR_CPUS instead of the number of possible cpus, this will cause the following system panic: smpboot: Allowing 4 CPUs, 0 hotplug CPUs ... setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1 ... BUG: unable to handle page fault for address: ffffffff9911c8c8 Oops... • https://git.kernel.org/stable/c/224fd631c41b81697aa622d38615bfbf446b91cf •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-49925 – fbdev: efifb: Register sysfs groups through driver core
https://notcve.org/view.php?id=CVE-2024-49925
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UAF race during unregistering where the sysctl attributes were usable after the info struct was freed. • https://git.kernel.org/stable/c/2a9c40c72097b583b23aeb2a26d429ccfc81fbc1 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-49924 – fbdev: pxafb: Fix possible use after free in pxafb_task()
https://notcve.org/view.php?id=CVE-2024-49924
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_init_fbinfo function, the pxafb_blank function within the &pxafb_ops struct is capable of scheduling work. If we remove the module which will call pxafb_remove to make cleanup, it will call unregister_framebuffer function which can... • https://git.kernel.org/stable/c/e657fa2df4429f3805a9b3e47fb1a4a1b02a72bd •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49923 – drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
https://notcve.org/view.php?id=CVE-2024-49923
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags [WHAT & HOW] "dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer to avoid null dereference. This fixes 2 FORWARD_NULL issues reported by Coverity. Ubuntu Security Notice 7170-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the s... • https://git.kernel.org/stable/c/85aa996ecfaa95d1e922867390502d23ce21b905 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49922 – drm/amd/display: Check null pointers before using them
https://notcve.org/view.php?id=CVE-2024-49922
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using them [WHAT & HOW] These pointers are null checked previously in the same function, indicating they might be null as reported by Coverity. As a result, they need to be checked when used again. This fixes 3 FORWARD_NULL issue reported by Coverity. Ubuntu Security Notice 7170-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise t... • https://git.kernel.org/stable/c/65e1d2c291553ef3f433a0b7109cc3002a5f40ae •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49921 – drm/amd/display: Check null pointers before used
https://notcve.org/view.php?id=CVE-2024-49921
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before used [WHAT & HOW] Poniters, such as dc->clk_mgr, are null checked previously in the same function, so Coverity warns "implies that "dc->clk_mgr" might be null". As a result, these pointers need to be checked when used again. This fixes 10 FORWARD_NULL issues reported by Coverity. • https://git.kernel.org/stable/c/5b35bf1a82eb29841b67ff5643ba83762250fc24 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49920 – drm/amd/display: Check null pointers before multiple uses
https://notcve.org/view.php?id=CVE-2024-49920
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before multiple uses [WHAT & HOW] Poniters, such as stream_enc and dc->bw_vbios, are null checked previously in the same function, so Coverity warns "implies that stream_enc and dc->bw_vbios might be null". They are used multiple times in the subsequent code and need to be checked. This fixes 10 FORWARD_NULL issues reported by Coverity. • https://git.kernel.org/stable/c/26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49919 – drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer
https://notcve.org/view.php?id=CVE-2024-49919
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer This commit addresses a potential null pointer dereference issue in the `dcn201_acquire_free_pipe_for_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer dereference. Reported by sm... • https://git.kernel.org/stable/c/390d757621f5f35d11a63ed7d9d3262ead240064 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49918 – drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer
https://notcve.org/view.php?id=CVE-2024-49918
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer This commit addresses a potential null pointer dereference issue in the `dcn32_acquire_idle_pipe_for_head_pipe_in_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer dere... • https://git.kernel.org/stable/c/4f47292f488fa7041284dca1f1244116c18721f1 •