CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53118 – vsock: Fix sk_error_queue memory leak
https://notcve.org/view.php?id=CVE-2024-53118
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recv()ed. To prevent memory leaks, clean up the queue when the socket is destroyed. unreferenced object 0xffff8881028beb00 (size 224): comm "vsock_test", pid 1218, jiffies 4294694897 hex dump (first 32 bytes): 90 b0 21 17 81 88 ff ff 90 b0 21 17 81 88 ff ff ..!.......!..... 00 00 00 00 00 00 00 00... • https://git.kernel.org/stable/c/581512a6dc939ef122e49336626ae159f3b8a345 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53117 – virtio/vsock: Improve MSG_ZEROCOPY error handling
https://notcve.org/view.php?id=CVE-2024-53117
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: virtio/vsock: Mejorar el manejo de errores MSG_ZEROCOPY. Agregar un kfree_skb() faltante para evitar pérdidas de memoria. • https://git.kernel.org/stable/c/581512a6dc939ef122e49336626ae159f3b8a345 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53114 – x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
https://notcve.org/view.php?id=CVE-2024-53114
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a random host reboot. These instructions aren't intended to be advertised on Zen4 client so clear the capability. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/CPU/AMD: Borrar VMLOAD/VMSAVE virtualizado en el cliente... • https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53113 – mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
https://notcve.org/view.php?id=CVE-2024-53113
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When cpuset is enabled, in prepare_alloc_pages(), ac->nodemask may be ¤t->mems_allowed. when first_zones_zonelist() is called to find preferred_zoneref, the ac->nodemask may be modified concurrently if the task is migrated between diff... • https://git.kernel.org/stable/c/387ba26fb1cb9be9e35dc14a6d97188e916eda05 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53112 – ocfs2: uncache inode which has failed entering the group
https://notcve.org/view.php?id=CVE-2024-53112
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: <TASK> ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_trap+0x15a/0x3a0 ? • https://git.kernel.org/stable/c/7909f2bf835376a20d6dbf853eb459a27566eba2 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53111 – mm/mremap: fix address wraparound in move_page_tables()
https://notcve.org/view.php?id=CVE-2024-53111
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix address wraparound in move_page_tables() On 32-bit platforms, it is possible for the expression `len + old_addr < old_end` to be false-positive if `len + old_addr` wraps around. `old_addr` is the cursor in the old range up to which page table entries have been moved; so if the operation succeeded, `old_addr` is the *end* of the old region, and adding `len` to it can wrap. The overflow causes mremap() to mistakenly believe tha... • https://git.kernel.org/stable/c/af8ca1c149069176e6322a77b532e3ffd99ccffe •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53110 – vp_vdpa: fix id_table array not null terminated error
https://notcve.org/view.php?id=CVE-2024-53110
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and visit undefined memory. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vp_vdpa: se corrige el error de matriz id_table no terminada en nulo. Asigne un virtio_device_id adicional como terminador nulo; de lo contrario, vdpa_mgmtdev_get_classes() pu... • https://git.kernel.org/stable/c/ffbda8e9df10d1784d5427ec199e7d8308e3763f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53109 – nommu: pass NULL argument to vma_iter_prealloc()
https://notcve.org/view.php?id=CVE-2024-53109
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu kernels crashed upon accessing a vma iterator, such as acct_collect() reading the size of vma entries after do_munmap(). This commit fixes this issue by passing a right argument to the preallocation call. E... • https://git.kernel.org/stable/c/b5df09226450165c434084d346fcb6d4858b0d52 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53108 – drm/amd/display: Adjust VSDB parser for replay feature
https://notcve.org/view.php?id=CVE-2024-53108
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. However, this check causes the following out-of-bounds issues when using KASAN: [ 27.804016] BUG: KASAN: slab-out-of-bounds in amdgpu_dm_update_freesync_caps+0xefa/0x17a0 [amdgpu] [ 27.804788] Read of size 1 at addr ffff8881647fdb00 by task systemd-udevd/383 ... [ 27.821207] Memory state around the... • https://git.kernel.org/stable/c/0a326fbc8f72a320051f27328d4d4e7abdfe68d7 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53107 – fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args()
https://notcve.org/view.php?id=CVE-2024-53107
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * sizeof(struct page_region))" multiplication can lead to integer wrapping. Use size_mul() to avoid that. Also the size_add/mul() functions work on unsigned long so for 32bit systems we need to ensure that "arg->vec_len" fits in an unsigned long. En el kernel de L... • https://git.kernel.org/stable/c/52526ca7fdb905a768a93f8faa418e9b988fc34b •