CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-36928 – s390/qeth: Fix kernel panic after setting hsuid
https://notcve.org/view.php?id=CVE-2024-36928
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi function pointer that is NULL. ... Reproduction: chzdev -e $devno layer2=0 ip link set dev $network_interface up echo 0 > /sys/bus/ccw ---truncated--- En el kernel de Linux, se ha resuelto la siguiente v... • https://git.kernel.org/stable/c/64e3affee2881bb22df7ce45dd1f1fd7990e382b • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-36927 – ipv4: Fix uninit-value access in __ip_make_skb()
https://notcve.org/view.php?id=CVE-2024-36927
30 May 2024 — [1] BUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481 __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481 ip_finish_skb include/net/ip.h:243 [inline] ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508 raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654 inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x274/0x3c0 net/socket.c:745 __sys_sendto+0x62c/0x7b0 net/socket.c:2191 __do_sys_sendto net/socket.c:2203 [inline] ... • https://git.kernel.org/stable/c/99e5acae193e369b71217efe6f1dad42f3f18815 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0CVE-2024-36926 – powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE
https://notcve.org/view.php?id=CVE-2024-36926
30 May 2024 — NIP [c0000000001024c0] pci_dma_bus_setup_pSeriesLP+0x70/0x2a0 LR [c0000000001024b0] pci_dma_bus_setup_pSeriesLP+0x60/0x2a0 Call Trace: pci_dma_bus_setup_pSeriesLP+0x60/0x2a0 (unreliable) pcibios_setup_bus_self+0x1c0/0x370 __of_scan_bus+0x2f8/0x330 pcibios_scan_phb+0x280/0x3d0 pcibios_init+0x88/0x12c do_one_initcall+0x60/0x320 kernel_init_freeable+0x344/0x3e4 kernel_init+0x34/0x1d0 ret_from_kernel_user_thread+0x14/0x1c En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/pseries/... • https://git.kernel.org/stable/c/b1fc44eaa9ba31e28c4125d6b9205a3582b47b5d • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36925 – swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y
https://notcve.org/view.php?id=CVE-2024-36925
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y Using restricted DMA pools (CONFIG_DMA_RESTRICTED_POOL=y) in conjunction with dynamic SWIOTLB (CONFIG_SWIOTLB_DYNAMIC=y) leads to the following crash when initialising the restricted pools at boot-time: | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 | Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP | pc : rmem_swiotlb_... • https://git.kernel.org/stable/c/1aaa736815eb04f4dae3f0b3e977b2a0677a4cfb • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36924 – scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
https://notcve.org/view.php?id=CVE-2024-36924
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. ... En el kernel de Linux, se ha resuelto la siguiente vuln... • https://git.kernel.org/stable/c/6503c39398506cadda9f4c81695a9655ca5fb4fd • CWE-833: Deadlock •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36923 – fs/9p: fix uninitialized values during inode evict
https://notcve.org/view.php?id=CVE-2024-36923
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized. In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially ini... • https://git.kernel.org/stable/c/18cf7026355187b8d2b4cdfed61dbf873e9d29ff •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36922 – wifi: iwlwifi: read txq->read_ptr under lock
https://notcve.org/view.php?id=CVE-2024-36922
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twice, resulting in the WARN_ONCE() a little later. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, w... • https://git.kernel.org/stable/c/b83db8e756dec68a950ed2f056248b1704b3deaa • CWE-413: Improper Resource Locking •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36921 – wifi: iwlwifi: mvm: guard against invalid STA ID on removal
https://notcve.org/view.php?id=CVE-2024-36921
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. ... En el kernel... • https://git.kernel.org/stable/c/94f80a8ec15e238b78521f20f8afaed60521a294 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36920 – scsi: mpi3mr: Avoid memcpy field-spanning write WARNING
https://notcve.org/view.php?id=CVE-2024-36920
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write (size 128) of single field "bsg_reply_buf->reply_buf" at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 (size 1) WARNING: CPU: 0 PID: 12760 at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 mpi3mr_bsg_request+0x6b12/0x7f10 [mpi3mr] The cause of the WARN is 1... • https://git.kernel.org/stable/c/c4f7ac64616ee513f9ac4ae6c4d8c3cccb6974df •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2024-36919 – scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload
https://notcve.org/view.php?id=CVE-2024-36919
30 May 2024 — set_kthread_struct+0x40/0x40 [ 450.044411] ret_from_fork+0x22/0x30 [ 450.048404] Modules linked in: vfat msdos fat xfs nfs_layout_nfsv41_files rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver dm_service_time qedf qed crc8 bnx2fc libfcoe libfc scsi_transport_fc intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp dcdbas rapl intel_cstate intel_uncore mei_me pcspkr mei ipmi_ssif lpc_ich ipmi_si fuse zram ext4 mbcache jbd2 loop nfsv3 nfs_acl nfs lockd grace fscache netfs irdma ice sd_mod t10_pi... • https://git.kernel.org/stable/c/468f3e3c15076338367b0945b041105b67cf31e3 • CWE-667: Improper Locking •