CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52730 – mmc: sdio: fix possible resource leaks in some error paths
https://notcve.org/view.php?id=CVE-2023-52730
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two cases, it won't call of_node_put() or put_device(). To fix these leaks, make sdio_func_present() only control whether device_del() needs to be called or not, then always call of_node_put() and put_device(). In error case in sdio_... • https://git.kernel.org/stable/c/3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52708 – mmc: mmc_spi: fix error handling in mmc_spi_probe()
https://notcve.org/view.php?id=CVE-2023-52708
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mmc: mmc_spi: fix error handling in mmc_spi_probe() If mmc_add_host() fails, it doesn't need to call mmc_remove_host(), or it will cause null-ptr-deref, because of deleting a not added device in mmc_remove_host(). To fix this, goto label 'fail_glue_init', if mmc_add_host() fails, and change the label 'fail_add_host' to 'fail_gpiod_request'. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: mmc_spi: corrige el manejo... • https://git.kernel.org/stable/c/15a0580ced081a0f7dc2deea8a4812bdc5e9a109 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52707 – sched/psi: Fix use-after-free in ep_remove_wait_queue()
https://notcve.org/view.php?id=CVE-2023-52707
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets removed when there is a thread that registered trigger and is polling on a pressure file within the cgroup, the polling waitqueue gets freed in the following path: do_rmdir cgroup_rmdir kernfs_drain_open_files cgroup_file_release cgroup_pressure_release psi_trigger_destroy However, the polling thread still has a referenc... • https://git.kernel.org/stable/c/0e94682b73bfa6c44c98af7a26771c9c08c055d5 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52706 – gpio: sim: fix a memory leak
https://notcve.org/view.php?id=CVE-2023-52706
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio: sim: fix a memory leak Fix an inverted logic bug in gpio_sim_remove_hogs() that leads to GPIO hog structures never being freed. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpio: sim: corrige una pérdida de memoria. Se corrige un error de lógica invertida en gpio_sim_remove_hogs() que hace que las estructuras GPIO hog nunca se liberen. • https://git.kernel.org/stable/c/cb8c474e79be458f58e9df073f51ca159f3a2aa0 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52705 – nilfs2: fix underflow in second superblock position calculations
https://notcve.org/view.php?id=CVE-2023-52705
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFS_SB2_OFFSET_BYTES, which computes the position of the second superblock, underflows when the argument device size is less than 4096 bytes. Therefore, when using this macro, it is necessary to check in advance that the device size is not less than a lower limit, or at least that underflow does not occur. The current nilfs2 implementation lacks this check, causing... • https://git.kernel.org/stable/c/2f7a1135b202977b82457adde7db6c390056863b •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52704 – freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL
https://notcve.org/view.php?id=CVE-2023-52704
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted that commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") broke call_usermodehelper_exec() for the KILLABLE case. Specifically it was missed that the second, unconditional, wait_for_completion() was not optional and ensures the on-stack completion is unused before going out-of-scope. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: freeze... • https://git.kernel.org/stable/c/f5d39b020809146cc28e6e73369bf8065e0310aa •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52703 – net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
https://notcve.org/view.php?id=CVE-2023-52703
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path syzbot reported that act_len in kalmia_send_init_packet() is uninitialized when passing it to the first usb_bulk_msg error path. Jiri Pirko noted that it's pointless to pass it in the error path, and that the value that would be printed in the second error path would be the value of act_len from the first call to usb_bulk_msg.[1] With this in mind, let's just not pass act_len... • https://git.kernel.org/stable/c/d40261236e8e278cb1936cb5e934262971692b10 • CWE-15: External Control of System or Configuration Setting •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52702 – net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
https://notcve.org/view.php?id=CVE-2023-52702
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: openvswitch: corrige una posible pérdida de memoria en ovs_meter_cmd_set() old_meter debe estar libre después de desconectarlo, independientemente de si el nuevo medidor se conectó correctamente. • https://git.kernel.org/stable/c/c7c4c44c9a95d87e50ced38f7480e779cb472174 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52701 – net: use a bounce buffer for copying skb->mark
https://notcve.org/view.php?id=CVE-2023-52701
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb->mark syzbot found arm64 builds would crash in sock_recv_mark() when CONFIG_HARDENED_USERCOPY=y x86 and powerpc are not detecting the issue because they define user_access_begin. This will be handled in a different patch, because a check_object_size() is missing. Only data from skb->cb[] can be copied directly to/from user space, as explained in commit 79a8a642bf05 ("net: Whitelist the skbuff_hea... • https://git.kernel.org/stable/c/6fd1d51cfa253b5ee7dae18d7cf1df830e9b6137 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52700 – tipc: fix kernel warning when sending SYN message
https://notcve.org/view.php?id=CVE-2023-52700
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.398494] Call Trace: [ 13.398630]