CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42087 – drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
https://notcve.org/view.php?id=CVE-2024-42087
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/b71348be1236398be2d04c5e145fd6eaae86a91b •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42086 – iio: chemical: bme680: Fix overflows in compensate() functions
https://notcve.org/view.php?id=CVE-2024-42086
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/1b3bd8592780c87c5eddabbe98666b086bbaee36 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42085 – usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock
https://notcve.org/view.php?id=CVE-2024-42085
29 Jul 2024 — It causes the following code is executed and deadlock occurs when trying to get the spinlock. It causes the following code is executed and deadlock occurs when trying to get the spinlock. ... Detailed invoking path as below: dwc3_suspend_common() spin_lock_irqsave(&dwc->lock, flags); <-- 1st dwc3_gadget_suspend(dwc); dwc3_gadget_soft_disconnect(dwc); spin_lock_irqsave(&dwc->lock, flags); <-- 2nd This issue is exposed by commit c7ebd8149ee5 ("usb: dwc3: gadget: Fix NULL pointer dereference in d... • https://git.kernel.org/stable/c/2fa487a9466760a4fb6f147aed6219379dabfc2e •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42082 – xdp: Remove WARN() from __xdp_reg_mem_model()
https://notcve.org/view.php?id=CVE-2024-42082
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8d5d88527587516bd58ff0f3810f07c38e65e2be • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42080 – RDMA/restrack: Fix potential invalid address access
https://notcve.org/view.php?id=CVE-2024-42080
29 Jul 2024 — These code is used to help find one forgotten PD release in one of the ULPs. ... These code is used to help find one forgotten PD release in one of the ULPs. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8656ef8a9288d6c932654f8d3856dc4ab1cfc6b5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42079 – gfs2: Fix NULL pointer dereference in gfs2_log_flush
https://notcve.org/view.php?id=CVE-2024-42079
29 Jul 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116ce • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42078 – nfsd: initialise nfsd_info.mutex early.
https://notcve.org/view.php?id=CVE-2024-42078
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/7b207ccd983350a5dedd132b57c666186dd02a7c • CWE-457: Use of Uninitialized Variable •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42070 – netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers
https://notcve.org/view.php?id=CVE-2024-42070
29 Jul 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of packet filtering. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/96518518cc417bb0a8c80b9fb736202e28acdf96 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41098 – ata: libata-core: Fix null pointer dereference on error
https://notcve.org/view.php?id=CVE-2024-41098
29 Jul 2024 — However, the code in ata_host_release() tries to free ata_port struct members unconditionally, which can lead to the following: BUG: unable to handle page fault for address: 0000000000003990 PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 10 PID: 594 Comm: (udev-worker) Not tainted 6.10.0-rc5 #44 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:ata_host_release.cold+0x2f/0x6e [libata] Code: e4 4d 63 f4 44 89 e2 48 c7 c6 90 ad 32 c0 48 c7 c7 d0 70... • https://git.kernel.org/stable/c/633273a3ed1cf37ced90475b0f95cf81deab04f1 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-41097 – usb: atm: cxacru: fix endpoint checking in cxacru_bind()
https://notcve.org/view.php?id=CVE-2024-41097
29 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/902ffc3c707c1d459ea57428a619a807cbe412f9 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •