CVE-2024-40929 – wifi: iwlwifi: mvm: check n_ssids before accessing the ssids
https://notcve.org/view.php?id=CVE-2024-40929
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. • https://git.kernel.org/stable/c/c1a7515393e403758a684fd0a2372af466675b15 https://git.kernel.org/stable/c/3c4771091ea8016c8601399078916f722dd8833b https://git.kernel.org/stable/c/f777792952d03bbaf8329fdfa99393a5a33e2640 https://git.kernel.org/stable/c/9e719ae3abad60e245ce248ba3f08148f375a614 https://git.kernel.org/stable/c/29a18d56bd64b95bd10bda4afda512558471382a https://git.kernel.org/stable/c/62e007bdeb91c6879a4652c3426aef1cd9d2937b https://git.kernel.org/stable/c/60d62757df30b74bf397a2847a6db7385c6ee281 https://access.redhat.com/security/cve/CVE-2024-40929 • CWE-125: Out-of-bounds Read •
CVE-2024-40928 – net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()
https://notcve.org/view.php?id=CVE-2024-40928
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning: net/ethtool/ioctl.c:line 2233, column 2 Called function pointer is null (null dereference). Return '-EOPNOTSUPP' when 'ops->get_ethtool_phy_stats' is NULL to fix this typo error. • https://git.kernel.org/stable/c/201ed315f9676809cd5b20a39206e964106d4f27 https://git.kernel.org/stable/c/6548d543a27449a1a3d8079925de93f5764d6f22 https://git.kernel.org/stable/c/92196be82a4eb61813833dc62876fd198ae51ab1 https://git.kernel.org/stable/c/0dcc53abf58d572d34c5313de85f607cd33fc691 https://access.redhat.com/security/cve/CVE-2024-40928 https://bugzilla.redhat.com/show_bug.cgi?id=2297512 • CWE-476: NULL Pointer Dereference •
CVE-2024-40927 – xhci: Handle TD clearing for multiple streams case
https://notcve.org/view.php?id=CVE-2024-40927
In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. • https://git.kernel.org/stable/c/e9df17eb1408cfafa3d1844bfc7f22c7237b31b8 https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228 https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9 https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518 https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577 https://access.redhat.com/security/cve/CVE-2024-40927 https://bugzilla.redhat.com/show_bug.cgi?id=2297511 • CWE-820: Missing Synchronization •
CVE-2024-40926 – drm/nouveau: don't attempt to schedule hpd_work on headless cards
https://notcve.org/view.php?id=CVE-2024-40926
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: don't attempt to schedule hpd_work on headless cards If the card doesn't have display hardware, hpd_work and hpd_lock are left uninitialized which causes BUG when attempting to schedule hpd_work on runtime PM resume. Fix it by adding headless flag to DRM and skip any hpd if it's set. • https://git.kernel.org/stable/c/ae1aadb1eb8d3cbc52e42bee71d67bd4a71f9f07 https://git.kernel.org/stable/c/227349998e5740f14d531b0f0d704e66b1ed3c2f https://git.kernel.org/stable/c/b96a225377b6602299a03d2ce3c289b68cd41bb7 •
CVE-2024-40925 – block: fix request.queuelist usage in flush
https://notcve.org/view.php?id=CVE-2024-40925
In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit 81ada09cc25e ("blk-flush: reuse rq queuelist in flush state machine"). The root cause is that we use "list_move_tail(&rq->queuelist, pending)" in the PREFLUSH/POSTFLUSH sequences. • https://git.kernel.org/stable/c/81ada09cc25e4bf2de7d2951925fb409338a545d https://git.kernel.org/stable/c/fe1e395563ccb051e9dbd8fa99859f5caaad2e71 https://git.kernel.org/stable/c/87907bd69721a8506618a954d41a1de3040e88aa https://git.kernel.org/stable/c/d0321c812d89c5910d8da8e4b10c891c6b96ff70 •