CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53089 – LoongArch: KVM: Mark hrtimer to expire in hard interrupt context
https://notcve.org/view.php?id=CVE-2024-53089
21 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Mark hrtimer to expire in hard interrupt context Like commit 2c0d278f3293f ("KVM: LAPIC: Mark hrtimer to expire in hard interrupt context") and commit 9090825fa9974 ("KVM: arm/arm64: Let the timer expire in hardirq context on RT"), On PREEMPT_RT enabled kernels unmarked hrtimers are moved into soft interrupt expiry mode by default. Then the timers are canceled from an preempt-notifier which is invoked with disabled preempt... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53088 – i40e: fix race condition by adding filter's intermediate sync state
https://notcve.org/view.php?id=CVE-2024-53088
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multiple threads are concurrently modifying MAC/VLAN filters by setting mac and port VLAN. 1. Thread T0 allocates a filter in i40e_add_filter() within i40e_ndo_set_vf_port_vlan(). 2. Thread T1 concurrently free... • https://git.kernel.org/stable/c/278e7d0b9d6864a9749b9473a273892aa1528621 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53085 – tpm: Lock TPM chip in tpm_pm_suspend() first
https://notcve.org/view.php?id=CVE-2024-53085
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is in progress. The recent bug report gives also evidence of this behaviour. Aadress this by locking the TPM chip before checking any chip->flags both in tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED check inside... • https://git.kernel.org/stable/c/99d46450625590d410f86fe4660a5eff7d3b8343 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53082 – virtio_net: Add hash_key_length check
https://notcve.org/view.php?id=CVE-2024-53082
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key. In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key. • https://git.kernel.org/stable/c/c7114b1249fa3b5f3a434606ba4cc89c4a27d618 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53081 – media: ar0521: don't overflow when checking PLL values
https://notcve.org/view.php?id=CVE-2024-53081
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64. In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 b... • https://git.kernel.org/stable/c/852b50aeed153b513c0b36298559114fab0fab80 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53079 – mm/thp: fix deferred split unqueue naming and locking
https://notcve.org/view.php?id=CVE-2024-53079
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing list_del corruptions, "Bad page state"s and worse (I keep BUGs in both of those, so usually don't get to see how badly they end up without). The relevant recent changes being 6.8's mTHP, 6.10's mTHP swapout, and 6.12's mTHP swapin, improved swap allocation, and unde... • https://git.kernel.org/stable/c/87eaceb3faa59b9b4d940ec9554ce251325d83fe •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53072 – platform/x86/amd/pmc: Detect when STB is not available
https://notcve.org/view.php?id=CVE-2024-53072
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in the following messages in the kernel ring buffer: amd_pmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on RAM at 0x0000000000000000 - 0x0000000000ffffff WARNING: CPU: 10 PID: 2151 at arch/x86/mm/ioremap.c:217 __ioremap_caller+0x2cd/0x340 Further debugging reveals that this occurs when the reques... • https://git.kernel.org/stable/c/3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53070 – usb: dwc3: fix fault at system suspend if device was already runtime suspended
https://notcve.org/view.php?id=CVE-2024-53070
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. Also we cannot access any registers after dwc3_core_exit() on some platforms so move the dwc3_enable_susphy() call to the top. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend... • https://git.kernel.org/stable/c/073530898ebf44a9418434e899cfa9ca86945333 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53068 – firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
https://notcve.org/view.php?id=CVE-2024-53068
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev->name is released prematurely in __scmi_device_destroy(), which causes slab-use-after-free when accessing scmi_dev->name in scmi_bus_notifier(). So move the release of scmi_dev->name to scmi_device_release() to avoid slab-use-after-free. | BUG: KASAN: slab-use-after-free in strncmp+0xe4/0xec | Read of size 1 at addr ffffff80a482bcc0 by task swapper/0/1 ... • https://git.kernel.org/stable/c/ee7a9c9f67c59008b330deff2762bd8cf1407eec •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53066 – nfs: Fix KMSAN warning in decode_getfattr_attrs()
https://notcve.org/view.php?id=CVE-2024-53066
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ===================================================== ===================================================== BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_generic+0x... • https://git.kernel.org/stable/c/88034c3d88c2c48b215f2cc5eb22e564aa817f9c •