CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-26769 – nvmet-fc: avoid deadlock on delete association path
https://notcve.org/view.php?id=CVE-2024-26769
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid deadlock on delete association path When deleting an association the shutdown path is deadlocking because we try to flush the nvmet_wq nested. Avoid this by deadlock by deferring the put work into its own work item. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvmet-fc: evita el punto muerto al eliminar la ruta de asociación Al eliminar una asociación, la ruta de cierre se bloquea porque intentamos vaci... • https://git.kernel.org/stable/c/5e0bc09a52b6169ce90f7ac6e195791adb16cec4 • CWE-833: Deadlock •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26768 – LoongArch: Change acpi_core_pic[NR_CPUS] to acpi_core_pic[MAX_CORE_PIC]
https://notcve.org/view.php?id=CVE-2024-26768
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Change acpi_core_pic[NR_CPUS] to acpi_core_pic[MAX_CORE_PIC] With default config, the value of NR_CPUS is 64. When HW platform has more then 64 cpus, system will crash on these platforms. MAX_CORE_PIC is the maximum cpu number in MADT table (max physical number) which can exceed the supported maximum cpu number (NR_CPUS, max logical number), but kernel should not crash. Kernel should boot cpus with NR_CPUS, let the remainder cpus... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26767 – drm/amd/display: fixed integer types and null check locations
https://notcve.org/view.php?id=CVE-2024-26767
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: tipos de enteros fijos y ubicaciones de verificación nula [por qué]: problemas solucionados: - comparación con un tipo de entero más amplio en condició... • https://git.kernel.org/stable/c/71783d1ff65204d69207fd156d4b2eb1d3882375 • CWE-170: Improper Null Termination •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26766 – IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
https://notcve.org/view.php?id=CVE-2024-26766
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes easily reproducible by `sendmsg` system call. [ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI [ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1] -- [... • https://git.kernel.org/stable/c/d1c1ee052d25ca23735eea912f843bc7834781b4 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26765 – LoongArch: Disable IRQ before init_fn() for nonboot CPUs
https://notcve.org/view.php?id=CVE-2024-26765
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQ before init_fn() for nonboot CPUs Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order to silence such warnings (and also avoid potential errors due to unexpected interrupts): WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:4503 rcu_cpu_starting+0x214/0x280 CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.17+ #1198 pc 90000000048e3334 ra 90000000047bd56c tp 900000010039c000 sp 900000010039fdd0 a0 000000000000... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26764 – fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio
https://notcve.org/view.php?id=CVE-2024-26764
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio If kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8 Call trace: kiocb_set_cancel_fn+0x9c/0xa8 ffs_epfile_read_iter+0x144/0x1d0 io_read+0x19c/0x498 io_issue_sqe+0x118/0x27c io_submit_sqes+0x25c/0x5fc __arm64_sys_io_uring_enter+0x104/0xab0 invoke_syscall+... • https://git.kernel.org/stable/c/337b543e274fe7a8f47df3c8293cc6686ffa620f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26763 – dm-crypt: don't modify the data when using authenticated encryption
https://notcve.org/view.php?id=CVE-2024-26763
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data into the clone bio first and then encrypt them inside the clone bio. This may reduce performance, but it is needed to prevent the user from corrupting the device by writing data with O_DIRECT and modifying them a... • https://git.kernel.org/stable/c/43a202bd552976497474ae144942e32cc5f34d7e •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26761 – cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window
https://notcve.org/view.php?id=CVE-2024-26761
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HPA) the HDM decoder registers are programmed with are system physical addresses (SPA). During HDM decoder setup, the DVSEC CXL range registers (cxl-3.1, 8.1.3.8) are checked if the memory is enabled and the CXL range is in a HPA window that is described in a C... • https://git.kernel.org/stable/c/34e37b4c432cd0f1842b352fde4b8878b4166888 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26760 – scsi: target: pscsi: Fix bio_put() for error case
https://notcve.org/view.php?id=CVE-2024-26760
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: pscsi: Fix bio_put() for error case As of commit 066ff571011d ("block: turn bio_kmalloc into a simple kmalloc wrapper"), a bio allocated by bio_kmalloc() must be freed by bio_uninit() and kfree(). That is not done properly for the error case, hitting WARN and NULL pointer dereference in bio_free(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: target: pscsi: corrige bio_put() para el caso de error A par... • https://git.kernel.org/stable/c/066ff571011d8416e903d3d4f1f41e0b5eb91e1d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26759 – mm/swap: fix race when skipping swapcache
https://notcve.org/view.php?id=CVE-2024-26759
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B). Before one thread (T0) finishes the swapin and installs page (A) to the PTE, another thread (T1) could finish swapin of page (B), swap_free the entry, then swap out the possibly modified page reusing the same entry. It breaks the pte_same check in (T0) becau... • https://git.kernel.org/stable/c/0bcac06f27d7528591c27ac2b093ccd71c5d0168 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •