CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40923 – vmxnet3: disable rx data ring on dma allocation failure
https://notcve.org/view.php?id=CVE-2024-40923
12 Jul 2024 — VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018 [ 95.443481] RIP: 0010:skb_panic+0x4d/0x4f [ 95.444404] Code: 4f 70 50 8b 87 c0 00 00 00 50 8b 87 bc 00 00 00 50 ff b7 d0 00 00 00 4c 8b 8f c8 00 00 00 48 c7 c7 68 e8 be 9f e8 63 58 f9 ff <0f> 0b 48 8b 14 24 48 c7 c1 d0 73 65 9f e8 a1 ff ff ff 48 8b 14 24 [ 95.447684] RSP: 0018:ffffa13340274dd0 EFLAGS: 00010246 [ 95.448762] RAX: 0000000000000089 RBX: ffff8fbbc72b02d0 RCX: 000000000000083f [ 95.450148] RDX: 0000000000000000... • https://git.kernel.org/stable/c/6f4833383e8514ea796d094e05c24889b8997fde • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40922 – io_uring/rsrc: don't lock while !TASK_RUNNING
https://notcve.org/view.php?id=CVE-2024-40922
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/4ea15b56f0810f0d8795d475db1bb74b3a7c1b2f • CWE-413: Improper Resource Locking •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40921 – net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state
https://notcve.org/view.php?id=CVE-2024-40921
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40920 – net: bridge: mst: fix suspicious rcu usage in br_mst_set_state
https://notcve.org/view.php?id=CVE-2024-40920
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8ca9a750fc711911ef616ceb627d07357b04545e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40919 – bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()
https://notcve.org/view.php?id=CVE-2024-40919
12 Jul 2024 — This issue is expected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But this error code is returned by recent firmware. ... This issue is expected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But this error code is returned by recent firmware. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8fa4219dba8e621aa1e78dfa7eeab10f55acb3c0 • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40918 – parisc: Try to fix random segmentation faults in package builds
https://notcve.org/view.php?id=CVE-2024-40918
12 Jul 2024 — On reviewing the cache code, I realized that there were two issues which the existing code didn't handle correctly. On reviewing the cache code, I realized that there were two issues which the existing code didn't handle correctly. ... It finally dawned on me that some lines weren't being flushed because the pte check code was racy. It finally dawned on me that some lines weren't being flushed because the pte check code was racy. ... • https://git.kernel.org/stable/c/5bf196f1936bf93df31112fbdfb78c03537c07b0 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40917 – memblock: make memblock_set_node() also warn about use of MAX_NUMNODES
https://notcve.org/view.php?id=CVE-2024-40917
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/6fdc770506eb8379bf68a49d4e193c8364ac64e0 •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40915 – riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context
https://notcve.org/view.php?id=CVE-2024-40915
12 Jul 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/5fde3db5eb028b95aeefa1ab192d36800414e8b8 •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2024-40914 – mm/huge_memory: don't unpoison huge_zero_folio
https://notcve.org/view.php?id=CVE-2024-40914
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f8f836100fff594cea8a0a027affb9d5520f09a7 • CWE-911: Improper Update of Reference Count •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40913 – cachefiles: defer exposing anon_fd until after copy_to_user() succeeds
https://notcve.org/view.php?id=CVE-2024-40913
12 Jul 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/c8383054506c77b814489c09877b5db83fd4abf2 • CWE-416: Use After Free •