CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26842 – scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd()
https://notcve.org/view.php?id=CVE-2024-26842
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix shift issue in ufshcd_clear_cmd() When task_tag >= 32 (in MCQ mode) and sizeof(unsigned int) == 4, 1U << task_tag will out of bounds for a u32 mask. Fix this up to prevent SHIFT_ISSUE (bitwise shifts that are out of bounds for their data type). [name:debug_monitors&]Unexpected kernel BRK exception at EL1 [name:traps&]Internal error: BRK handler: 00000000f2005514 [#1] PREEMPT SMP [name:mediatek_cpufreq_hw&]cpufreq stop D... • https://git.kernel.org/stable/c/7ac9e18f5d66087cd22751c5c5bf0090eb0038fe •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26841 – LoongArch: Update cpu_sibling_map when disabling nonboot CPUs
https://notcve.org/view.php?id=CVE-2024-26841
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map(), otherwise we get such errors on SMT systems: jump label: negative count! WARNING: CPU: 6 PID: 45 at kernel/jump_label.c:263 __static_key_slow_dec_cpuslocked+0xec/0x100 CPU: 6 PID: 45 Comm: cpuhp/6 Not tainted 6.8.0-rc5+ #1340 pc 90000000004c302c ra 90000000004c302c tp 90000001005bc00... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26840 – cachefiles: fix memory leak in cachefiles_add_cache()
https://notcve.org/view.php?id=CVE-2024-26840
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .............. • https://git.kernel.org/stable/c/9ae326a69004dea8af2dae4fde58de27db700a8d • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26839 – IB/hfi1: Fix a memleak in init_credit_return
https://notcve.org/view.php?id=CVE-2024-26839
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that allocated before. Or those resources would be never freed and a memleak is triggered. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: IB/hfi1: corrige una fuga de mem en init_credit_return Cuando dma_alloc_coherent no puede asignar dd->cr_base[i]... • https://git.kernel.org/stable/c/7724105686e718ac476a6ad3304fea2fbcfcffde •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26838 – RDMA/irdma: Fix KASAN issue with tasklet
https://notcve.org/view.php?id=CVE-2024-26838
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. [50006.466686] Call Trace: [50006.466691]
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26837 – net: bridge: switchdev: Skip MDB replays of deferred events on offload
https://notcve.org/view.php?id=CVE-2024-26837
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping logic or from user configuration. While new memberships are immediately visible to walkers of br->mdb_list, the notification of their existence to switchdev event subscribers is deferred until a later point in time... • https://git.kernel.org/stable/c/4f2673b3a2b6246729a1ff13b8945a040839dbd3 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26836 – platform/x86: think-lmi: Fix password opcode ordering for workstations
https://notcve.org/view.php?id=CVE-2024-26836
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix password opcode ordering for workstations The Lenovo workstations require the password opcode to be run before the attribute value is changed (if Admin password is enabled). Tested on some Thinkpads to confirm they are OK with this order too. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: plataforma/x86: think-lmi: corrige el orden del código de operación de contraseña para las estaciones de tra... • https://git.kernel.org/stable/c/640a5fa50a42b99bfa2a0ec51b4ea9591d9bd055 •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-26835 – netfilter: nf_tables: set dormant flag on hook register failure
https://notcve.org/view.php?id=CVE-2024-26835
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active but no registered hooks. On table/base chain deletion, nf_tables will attempt to unregister the hook again which yields a warn splat from the nftables core. En el kernel de Linux, se ha resuelto la siguiente vulner... • https://git.kernel.org/stable/c/e10f661adc556c4969c70ddaddf238bffdaf1e87 • CWE-459: Incomplete Cleanup •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-26833 – drm/amd/display: Fix memory leak in dm_sw_fini()
https://notcve.org/view.php?id=CVE-2024-26833
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix memory leak in dm_sw_fini() After destroying dmub_srv, the memory associated with it is not freed, causing a memory leak: unreferenced object 0xffff896302b45800 (size 1024): comm "(udev-worker)", pid 222, jiffies 4294894636 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 6265fd77): [
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26832 – mm: zswap: fix missing folio cleanup in writeback race path
https://notcve.org/view.php?id=CVE-2024-26832
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix missing folio cleanup in writeback race path In zswap_writeback_entry(), after we get a folio from __read_swap_cache_async(), we grab the tree lock again to check that the swap entry was not invalidated and recycled. If it was, we delete the folio we just added to the swap cache and exit. However, __read_swap_cache_async() returns the folio locked when it is newly allocated, which is always true for this path, and the folio i... • https://git.kernel.org/stable/c/2cab13f500a6333bd2b853783ac76be9e4956f8a •