CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38575 – wifi: brcmfmac: pcie: handle randbuf allocation failure
https://notcve.org/view.php?id=CVE-2024-38575
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. ... En el kernel de Linux, se ha resuelto... • https://git.kernel.org/stable/c/c35105f375b530bc27e03ea9250b1c26dd4cae86 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38574 – libbpf: Prevent null-pointer dereference when prog to load has no BTF
https://notcve.org/view.php?id=CVE-2024-38574
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpf_objec_load_prog(), there's no guarantee that obj->btf is non-NULL when passing it to btf__fd(), and this function does not perform any check before dereferencing its argument (as bpf_object__btf_fd() used to do). In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In... • https://git.kernel.org/stable/c/df7c3f7d3a3ddab31ca8cfa9b86a8729ec43fd2e •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38573 – cppc_cpufreq: Fix possible null pointer dereference
https://notcve.org/view.php?id=CVE-2024-38573
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from different places with various parameters. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting.org) with SVACE. ... Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE. A NULL pointer dereference... • https://git.kernel.org/stable/c/a28b2bfc099c6b9caa6ef697660408e076a32019 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38572 – wifi: ath12k: fix out-of-bound access of qmi_invoke_handler()
https://notcve.org/view.php?id=CVE-2024-38572
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() Currently, there is no terminator entry for ath12k_qmi_msg_handlers hence facing below KASAN warning, ================================================================== BUG: KASAN: global-out-of-bounds in qmi_invoke_handler+0xa4/0x148 Read of size 8 at addr ffffffd00a6428d8 by task kworker/u8:2/1273 CPU: 0 PID: 1273 Comm: kworker/u8:2 Not tainted 5.4.213 #0 Workqueue: qmi_... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38571 – thermal/drivers/tsens: Fix null pointer dereference
https://notcve.org/view.php?id=CVE-2024-38571
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointer dereference (if DEBUG or DYNAMIC_DEBUG set). In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_89... • https://git.kernel.org/stable/c/dfc1193d4dbd6c3cb68c944413146c940bde290a •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38570 – gfs2: Fix potential glock use-after-free on unmount
https://notcve.org/view.php?id=CVE-2024-38570
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is released and there ares still locks in that lockspace, DLM will unlock those locks automatically. ... En el kern... • https://git.kernel.org/stable/c/fb6791d100d1bba20b5cdbc4912e1f7086ec60f8 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38569 – drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
https://notcve.org/view.php?id=CVE-2024-38569
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out of bounds when writing data to the event_group array. ... ,pmu/event9/}' En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drivers/perf: hisi_pcie: corrige el acceso fuera de los límites cuando el grupo ... • https://git.kernel.org/stable/c/8404b0fbc7fbd42e5c5d28cdedd450e70829c77a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38568 – drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group
https://notcve.org/view.php?id=CVE-2024-38568
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out of bounds when writing data to the event_group array. ... ,pmu/event9/} En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drivers/perf: hisi: hns3: corrige el acceso fuera de los límites cuando el grupo... • https://git.kernel.org/stable/c/66637ab137b44914356a9dc7a9b3f8ebcf0b0695 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38567 – wifi: carl9170: add a proper sanity check for endpoints
https://notcve.org/view.php?id=CVE-2024-38567
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. ... Fix the issue by doing a comprehensive check of all endpoints taking into account difference between high- and full-speed configuration. [1] Syzkaller report: ... • https://git.kernel.org/stable/c/a84fab3cbfdc427e7d366f1cc844f27b2084c26c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38566 – bpf: Fix verifier assumptions about socket->sk
https://notcve.org/view.php?id=CVE-2024-38566
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket->sk The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket->sk The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. • https://git.kernel.org/stable/c/6fcd486b3a0a628c41f12b3a7329a18a2c74b351 •