CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35838 – wifi: mac80211: fix potential sta-link leak
https://notcve.org/view.php?id=CVE-2024-35838
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak When a station is allocated, links are added but not set to valid yet (e.g. during connection to an AP MLD), we might remove the station without ever marking links valid, and leak them. Fix that. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: mac80211: corrige una posible fuga de sta-link Cuando se asigna una estación, los enlaces se agregan pero aún no se configuran como... • https://git.kernel.org/stable/c/cb71f1d136a635decf43c3b502ee34fb05640fcd •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35837 – net: mvpp2: clear BM pool before initialization
https://notcve.org/view.php?id=CVE-2024-35837
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: mvpp2: borre el grupo de BM antes de la inicialización. El valor del registro persiste después de iniciar el kernel usando kexec, lo que genera pánico en el kernel... • https://git.kernel.org/stable/c/3f518509dedc99f0b755d2ce68d24f610e3a005a •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35835 – net/mlx5e: fix a double-free in arfs_create_groups
https://notcve.org/view.php?id=CVE-2024-35835
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and return an error. However, arfs_create_table, the only caller of arfs_create_groups, will hold this error and call to mlx5e_destroy_flow_table, in which the ft->g will be freed again. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: corregido un double free en arfs_create_groups Cuando fal... • https://git.kernel.org/stable/c/1cabe6b0965ec067ac60e8f182f16d479a3b9a5c •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52673 – drm/amd/display: Fix a debugfs null pointer error
https://notcve.org/view.php?id=CVE-2023-52673
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugfs null pointer error [WHY & HOW] Check whether get_subvp_en() callback exists before calling it. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrige un error de puntero null de debugfs [POR QUÉ Y CÓMO] Verifique si la devolución de llamada get_subvp_en() existe antes de llamarla. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugf... • https://git.kernel.org/stable/c/43235db21fc23559f50a62f8f273002eeb506f5a •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52672 – pipe: wakeup wr_wait after setting max_usage
https://notcve.org/view.php?id=CVE-2023-52672
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wr_wait after setting max_usage Commit c73be61cede5 ("pipe: Add general notification queue support") a regression was introduced that would lock up resized pipes under certain conditions. See the reproducer in [1]. The commit resizing the pipe ring size was moved to a different function, doing that moved the wakeup for pipe->wr_wait before actually raising pipe->max_usage. If a pipe was full before the resize occured it would r... • https://git.kernel.org/stable/c/c73be61cede5882f9605a852414db559c0ebedfd • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52671 – drm/amd/display: Fix hang/underflow when transitioning to ODM4:1
https://notcve.org/view.php?id=CVE-2023-52671
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to OPPs not being properly disconnected from the disabled OPTC. [How] Ensure that all OPPs are unassigned from an OPTC when it gets disabled. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrigió bloque... • https://git.kernel.org/stable/c/ae62f1dde66a6f0eee98defc4c7a346bd5acd239 •
CVSS: 6.6EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52670 – rpmsg: virtio: Free driver_override when rpmsg_remove()
https://notcve.org/view.php?id=CVE-2023-52670
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driver_override when rpmsg_remove() Free driver_override when rpmsg_remove(), otherwise the following memory leak will occur: unreferenced object 0xffff0000d55d7080 (size 128): comm "kworker/u8:2", pid 56, jiffies 4294893188 (age 214.272s) hex dump (first 32 bytes): 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000009c94c9... • https://git.kernel.org/stable/c/b0b03b8119633de0649da9bd506e4850c401ff2b • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52669 – crypto: s390/aes - Fix buffer overread in CTR mode
https://notcve.org/view.php?id=CVE-2023-52669
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole block, even if there isn't a whole block of data left. Fix this by using the actual length left and copy it into a buffer first for processing. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: s390/aes - Corrige la sobrelectura del buffer en modo CTR Al procesar el último bloque, el código c... • https://git.kernel.org/stable/c/0200f3ecc19660bebeabbcbaf212957fcf1dbf8f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52667 – net/mlx5e: fix a potential double-free in fs_any_create_groups
https://notcve.org/view.php?id=CVE-2023-52667
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5... • https://git.kernel.org/stable/c/0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35833 – dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
https://notcve.org/view.php?id=CVE-2024-35833
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA This dma_alloc_coherent() is undone neither in the remove function, nor in the error handling path of fsl_qdma_probe(). Switch to the managed version to fix both issues. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: fsl-qdma: corregida una pérdida de memoria relacionada con el comando de cola DMA. Este dma_alloc_coherent() no se deshace n... • https://git.kernel.org/stable/c/b092529e0aa09829a6404424ce167bf3ce3235e2 •