CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35784 – btrfs: fix deadlock with fiemap and extent locking
https://notcve.org/view.php?id=CVE-2024-35784
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat with fiemap and pagefaulting with my new extent lock replacement lock. This deadlock exists with our normal code, we just don't have lockdep annotations with the extent locking so we've never noticed it. Since we're copying the fiemap extent to user space on every iteration we have the chance of pagefaulting. Becau... • https://git.kernel.org/stable/c/ded566b4637f1b6b4c9ba74e7d0b8493e93f19cf •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27436 – ALSA: usb-audio: Stop parsing channels bits when all channels are found.
https://notcve.org/view.php?id=CVE-2024-27436
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ALSA: usb-audio: deja de analizar bits de canales cuando se encuentran todos los canales. Si un dispositivo de audio USB establece más bits que la cantidad de canales, podría escribir fuera de la mat... • https://git.kernel.org/stable/c/04324ccc75f96b3ed7aad1c866d1b7925e977bdf • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27435 – nvme: fix reconnection fail due to reserved tag allocation
https://notcve.org/view.php?id=CVE-2024-27435
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation We found a issue on production environment while using NVMe over RDMA, admin_q reconnect failed forever while remote target and network is ok. After dig into it, we found it may caused by a ABBA deadlock due to tag allocation. In my case, the tag was hold by a keep alive request waiting inside admin_q, as we quiesced admin_q while reset ctrl, so the request maked as idle and will no... • https://git.kernel.org/stable/c/ed01fee283a067c72b2d6500046080dbc1bb9dae •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27432 – net: ethernet: mtk_eth_soc: fix PPE hanging issue
https://notcve.org/view.php?id=CVE-2024-27432
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtk_ppe_stop() function, the PPE scan mode is not disabled before disabling the PPE. This can potentially lead to a hang during the process of disabling the PPE. Without this patch, the PPE may experience a hang during the reboot test. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ethernet:... • https://git.kernel.org/stable/c/ba37b7caf1ed2395cc84d8f823ff933975f1f789 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52660 – media: rkisp1: Fix IRQ handling due to shared interrupts
https://notcve.org/view.php?id=CVE-2023-52660
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will hang as the driver tries to access the ISP registers. This can be reproduced even without the platform sharing the IRQ line: Enable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will hang. Fix this by addin... • https://git.kernel.org/stable/c/25cb42af9ffabffec499e9e69e2fd3797774ce5b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27431 – cpumap: Zero-initialise xdp_rxq_info struct before running XDP program
https://notcve.org/view.php?id=CVE-2024-27431
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don't initialise the xdp_rxq_info data structure being used in the xdp_buff that backs the XDP program invocation. Tobias noticed that this leads to random values being returned as the xdp_md->rx_queue_index value for XDP programs running in a cpumap. This means we're basically returning the contents of t... • https://git.kernel.org/stable/c/9216477449f33cdbc9c9a99d49f500b7fbb81702 • CWE-908: Use of Uninitialized Resource •
CVSS: 2.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27419 – netrom: Fix data-races around sysctl_net_busy_read
https://notcve.org/view.php?id=CVE-2024-27419
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netrom: corrige carreras de datos alrededor de sysctl_net_busy_read Necesitamos proteger al lector que lee el valor de sysctl porque el valor se puede cambiar simultáneamente. In the Linux kernel, the following vulnerability... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52658 – Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"
https://notcve.org/view.php?id=CVE-2023-52658
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is not good for anything and cause crash. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Revertir "net/mlx5: Block entering switchdev mode with ns inconsistency" Esto revierte la confirmación 662404b24a4c4d839839ed25e3097571f5938b9b. La reversión ... • https://git.kernel.org/stable/c/662404b24a4c4d839839ed25e3097571f5938b9b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27418 – net: mctp: take ownership of skb in mctp_local_output
https://notcve.org/view.php?id=CVE-2024-27418
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctp_local_output Currently, mctp_local_output only takes ownership of skb on success, and we may leak an skb if mctp_local_output fails in specific states; the skb ownership isn't transferred until the actual output routing occurs. Instead, make mctp_local_output free the skb on all error paths up to the route action, so it always consumes the passed skb. En el kernel de Linux, se resolvió la siguiente v... • https://git.kernel.org/stable/c/833ef3b91de692ef33b800bca6b1569c39dece74 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-27417 – ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
https://notcve.org/view.php?id=CVE-2024-27417
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID value but no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr() returns -EINVAL with an elevated "struct net" refcount. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ipv6: soluciona una posible fuga de "struct net" en inet6_rtm_getaddr() Parece que si el espacio de usuario proporciona un valo... • https://git.kernel.org/stable/c/6ecf4c37eb3e89b0832c9616089a5cdca3747da7 •