CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35844 – f2fs: compress: fix reserve_cblocks counting error when out of space
https://notcve.org/view.php?id=CVE-2024-35844
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable: unisoc # ./f2fs_io compress test.apk unisoc #df -h | grep dm-48 /dev/block/dm-48 112G 112G 1.2M 100% /data unisoc # ./f2fs_io release_cblocks test.apk 924 unisoc # df -h | grep dm-48 /dev/block/dm-48 112G 112G 4.8M 100% /data unisoc # dd if=/dev/random of=fil... • https://git.kernel.org/stable/c/c75488fb4d82b697f381f855bf5b16779df440aa •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35843 – iommu/vt-d: Use device rbtree in iopf reporting path
https://notcve.org/view.php?id=CVE-2024-35843
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pci_get_domain_bus_and_slot(). This function searches the list of all PCI devices until the desired device is found. To improve lookup efficiency, replace it with device_rbtree_find() to search the device within the probed device rbtree. The I/O page fault is initiated by the device, which does not have any sy... • https://git.kernel.org/stable/c/3d39238991e745c5df85785604f037f35d9d1b15 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35842 – ASoC: mediatek: sof-common: Add NULL check for normal_link string
https://notcve.org/view.php?id=CVE-2024-35842
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: sof-common: Add NULL check for normal_link string It's not granted that all entries of struct sof_conn_stream declare a `normal_link` (a non-SOF, direct link) string, and this is the case for SoCs that support only SOF paths (hence do not support both direct and SOF usecases). For example, in the case of MT8188 there is no normal_link string in any of the sof_conn_stream entries and there will be more drivers doing that in t... • https://git.kernel.org/stable/c/0caf1120c58395108344d5df4e09359b67e95094 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35840 – mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()
https://notcve.org/view.php?id=CVE-2024-35840
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() subflow_finish_connect() uses four fields (backup, join_id, thmac, none) that may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set in mptcp_parse_option() En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: use OPTION_MPTCP_MPJ_SYNACK en subflow_finish_connect() subflow_finish_connect() usa cuatro campos (backup, join_id, thmac, none) que pueden ... • https://git.kernel.org/stable/c/f296234c98a8fcec94eec80304a873f635d350ea •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35839 – netfilter: bridge: replace physindev with physinif in nf_bridge_info
https://notcve.org/view.php?id=CVE-2024-35839
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be different to neigh's neigh->dev. For instance in case of bridging dnated skb from one veth to another, the skb would be added to a neigh->arp_queue of the bridge. As skb->dev can be reset back to nf_bridge->physindev and used, and as there is no explicit mechanism... • https://git.kernel.org/stable/c/c4e70a87d975d1f561a00abfe2d3cefa2a486c95 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52698 – calipso: fix memory leak in netlbl_calipso_add_pass()
https://notcve.org/view.php?id=CVE-2023-52698
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() -> netlbl_calipso_ops_register() function isn't called, and the netlbl_calipso_ops_get() function always returns NULL. In this case, the netlbl_calipso_add_pass() function allocates memory for the doi_def variable but doesn't free it with the calipso_doi_free(). BUG: memory leak unreferenced object 0xffff888011d6818... • https://git.kernel.org/stable/c/cb72d38211eacda2dd90b09540542b6582da614e •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52696 – powerpc/powernv: Add a null pointer check in opal_powercap_init()
https://notcve.org/view.php?id=CVE-2023-52696
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: powerpc/powernv: agregue una verificación de puntero null en opal_powercap_init() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de fallo. In the Linux kernel, the followin... • https://git.kernel.org/stable/c/b9ef7b4b867f56114bedbe6bf104cfaba0ca818e • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52694 – drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function
https://notcve.org/view.php?id=CVE-2023-52694
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function With tpd12s015_remove() marked with __exit this function is discarded when the driver is compiled as a built-in. The result is that when the driver unbinds there is no cleanup done which results in resource leakage or worse. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/bridge: tpd12s015: Eliminar anotación __exit con errores para eliminar funci... • https://git.kernel.org/stable/c/cff5e6f7e83f6271ed75972e9a2920e2c7f62d6c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52693 – ACPI: video: check for error while searching for backlight device parent
https://notcve.org/view.php?id=CVE-2023-52693
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acquire_mutex() fails inside acpi_get_parent), this can lead to incorrect (uninitialized) acpi_parent handle being passed to acpi_get_pci_dev() for detecting the parent pci device. Check acpi_get_parent() result and set parent device only in case of success. Found by ... • https://git.kernel.org/stable/c/9661e92c10a9775243c1ecb73373528ed8725a10 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52692 – ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()
https://notcve.org/view.php?id=CVE-2023-52692
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing with an invalid value. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ALSA: scarlett2: Añadida verificación de error faltante a scarlett2_usb_set_config() scarlett2_usb_set_config() llama a scarlett2_usb_get() pero no ... • https://git.kernel.org/stable/c/9e15fae6c51a362418f8b3054f1322c54675df94 •