CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46758 – hwmon: (lm95234) Fix underflows seen when writing limit attributes
https://notcve.org/view.php?id=CVE-2024-46758
In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations. • https://git.kernel.org/stable/c/93f0f5721d0cca45dac50af1ae6f9a9826c699fd https://git.kernel.org/stable/c/438453dfbbdcf4be26891492644aa3ecbb42c336 https://git.kernel.org/stable/c/59c1fb9874a01c9abc49a0a32f192a7e7b4e2650 https://git.kernel.org/stable/c/0fc27747633aa419f9af40e7bdfa00d2ec94ea81 https://git.kernel.org/stable/c/da765bebd90e1b92bdbc3c6a27a3f3cc81529ab6 https://git.kernel.org/stable/c/46e4fd338d5bdbaf60e41cda625b24949d2af201 https://git.kernel.org/stable/c/16f42953231be1e7be77bc24005270d9e0d9d2ee https://git.kernel.org/stable/c/af64e3e1537896337405f880c1e9ac1f8 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46757 – hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
https://notcve.org/view.php?id=CVE-2024-46757
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations. • https://git.kernel.org/stable/c/298a55f11edd811f2189b74eb8f53dee34d4f14c https://git.kernel.org/stable/c/d6035c55fa9afefc23f85f57eff1d4a1d82c5b10 https://git.kernel.org/stable/c/8a1e958e26640ce015abdbb75c8896301b9bf398 https://git.kernel.org/stable/c/02bb3b4c7d5695ff4be01e0f55676bba49df435e https://git.kernel.org/stable/c/0c23e18cef20b989a9fd7cb0a745e1259b969159 https://git.kernel.org/stable/c/2f695544084a559f181cafdfd3f864c5ff9dd1db https://git.kernel.org/stable/c/996221b030995cc5f5baa4a642201d64b62a17cd https://git.kernel.org/stable/c/0403e10bf0824bf0ec2bb135d4cf1c0cc •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46756 – hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
https://notcve.org/view.php?id=CVE-2024-46756
In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations. • https://git.kernel.org/stable/c/93cf73a7bfdce683bde3a7bb65f270d3bd24497b https://git.kernel.org/stable/c/77ab0fd231c4ca873ec6908e761970360acc6df2 https://git.kernel.org/stable/c/56cfdeb2c77291f0b5e4592731adfb6ca8fc7c24 https://git.kernel.org/stable/c/cc4be794c8d8c253770103e097ab9dbdb5f99ae1 https://git.kernel.org/stable/c/d92f0baf99a7e327dcceab37cce57c38aab1f691 https://git.kernel.org/stable/c/8fecb75bff1b7d87a071c32a37aa0700f2be379d https://git.kernel.org/stable/c/26825b62bd1bd3e53b4f44e0745cb516d5186343 https://git.kernel.org/stable/c/5c1de37969b7bc0abcb20b86e91e70cae •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46755 – wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
https://notcve.org/view.php?id=CVE-2024-46755
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if the priv is actually currently in use. Unused priv pointers do not have a wiphy attached to them which can lead to NULL pointer dereferences further down the callstack. • https://git.kernel.org/stable/c/a12cf97cbefa139ef8d95081f2ea047cbbd74b7a https://git.kernel.org/stable/c/d834433ff313838a259bb6607055ece87b895b66 https://git.kernel.org/stable/c/9813770f25855b866b8ead8155b8806b2db70f6d https://git.kernel.org/stable/c/cb67b2e51b75f1a17bee7599c8161b96e1808a70 https://git.kernel.org/stable/c/1a05d8d02cfa3540ea5dbd6b39446bd3f515521f https://git.kernel.org/stable/c/c2618dcb26c7211342b54520b5b148c0d3471c8a https://git.kernel.org/stable/c/c16916dd6c16fa7e13ca3923eb6b9f50d848ad03 https://git.kernel.org/stable/c/c145eea2f75ff7949392aebecf7ef0a81 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46754 – bpf: Remove tst_run from lwt_seg6local_prog_ops.
https://notcve.org/view.php?id=CVE-2024-46754
In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. The syzbot reported that the lwt_seg6 related BPF ops can be invoked via bpf_test_run() without without entering input_action_end_bpf() first. Martin KaFai Lau said that self test for BPF_PROG_TYPE_LWT_SEG6LOCAL probably didn't work since it was introduced in commit 04d4b274e2a ("ipv6: sr: Add seg6local action End.BPF"). • https://git.kernel.org/stable/c/004d4b274e2a1a895a0e5dc66158b90a7d463d44 https://git.kernel.org/stable/c/9cd15511de7c619bbd0f54bb3f28e6e720ded5d6 https://git.kernel.org/stable/c/c13fda93aca118b8e5cd202e339046728ee7dddb •