CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23850
https://notcve.org/view.php?id=CVE-2024-23850
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. En btrfs_get_root_ref en fs/btrfs/disk-io.c en el kernel de Linux hasta 6.7.1, puede haber una falla de aserción y un bloqueo porque un subvolumen se puede leer demasiado pronto después de que se inserta su elemento raíz durante la creación del subvolumen. • https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM https://lore.kernel.org/all/6a80cb4b32af89787dadee728310e5e2ca85343f.1705741883.git.wqu%40suse.com https://lore.kernel.org/lkml/CALGdzuo6awWdau3X=8XK547x2vX_-VoFmH1aPsqosRTQ5WzJVA%40mail.gmail.com •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23851
https://notcve.org/view.php?id=CVE-2024-23851
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl. copy_params en drivers/md/dm-ioctl.c en el kernel de Linux hasta 6.7.1 puede intentar asignar más de INT_MAX bytes y fallar debido a que falta una verificación de param_kernel->data_size. Esto está relacionado con ctl_ioctl. • https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM https://www.spinics.net/lists/dm-devel/msg56574.html https://www.spinics.net/lists/dm-devel/msg56694.html •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51043 – kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c
https://notcve.org/view.php?id=CVE-2023-51043
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. En el kernel de Linux anterior a 6.4.5, drivers/gpu/drm/drm_atomic.c tiene un use-after-free durante una condición de ejecución entre un commit atómico sin bloqueo y una descarga del controlador. A flaw was found in the Linux kernel Direct Rendering Infrastructure (DRI) subsystem in which a use-after-free can be caused when a user triggers a race condition between a nonblocking atomic commit and a driver unload. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.5 https://github.com/torvalds/linux/commit/4e076c73e4f6e90816b30fcd4a0d7ab365087255 https://access.redhat.com/security/cve/CVE-2023-51043 https://bugzilla.redhat.com/show_bug.cgi?id=2260005 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46343
https://notcve.org/view.php?id=CVE-2023-46343
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. En el kernel de Linux anterior a 6.5.9, hay una desreferencia de puntero NULL en send_acknowledge en net/nfc/nci/spi.c. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7937609cd387246aed994e81aa4fa951358fba41 https://github.com/torvalds/linux/commit/7937609cd387246aed994e81aa4fa951358fba41 https://lore.kernel.org/netdev/20231013184129.18738-1-krzysztof.kozlowski%40linaro.org/T/#r38bdbaf8ae15305b77f6c5bc8e15d38f405623c7 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0775 – Kernel: use-after-free while changing the mount option in __ext4_remount leading
https://notcve.org/view.php?id=CVE-2024-0775
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. Se encontró una falla de use-after-free en __ext4_remount en fs/ext4/super.c en ext4 en el kernel de Linux. Esta falla permite que un usuario local cause un problema de fuga de información mientras libera los nombres de archivos de cuota antiguos antes de una posible falla, lo que lleva a un use-after-free. • https://access.redhat.com/security/cve/CVE-2024-0775 https://bugzilla.redhat.com/show_bug.cgi?id=2259414 https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162 • CWE-416: Use After Free •