CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0CVE-2024-26715 – usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend
https://notcve.org/view.php?id=CVE-2024-26715
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend In current scenario if Plug-out and Plug-In performed continuously there could be a chance while checking for dwc->gadget_driver in dwc3_gadget_suspend, a NULL pointer dereference may occur. Call Stack: CPU1: CPU2: gadget_unbind_driver dwc3_suspend_common dwc3_gadget_stop dwc3_gadget_suspend dwc3_disconnect_gadget CPU1 basically clears the variable and CPU2 checks the va... • https://git.kernel.org/stable/c/9772b47a4c2916d645c551228b6085ea24acbe5d •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26714 – interconnect: qcom: sc8180x: Mark CO0 BCM keepalive
https://notcve.org/view.php?id=CVE-2024-26714
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of the platform, accompanied by a spectacular logspam. Mark it as keepalive to prevent such cases. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexión: qcom: sc8180x: Mark CO0 BCM keepalive El CO0 BCM debe e... • https://git.kernel.org/stable/c/9c8c6bac1ae86f6902baa938101902fb3a0a100b •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-26712 – powerpc/kasan: Fix addr error caused by page alignment
https://notcve.org/view.php?id=CVE-2024-26712
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, when k_start is not page aligned, at the begin of for loop, k_cur = k_start & PAGE_MASK is less than k_start, and then `va = block + k_cur - k_start` is less than block, the addr va is invalid, because the memory address space from va to block is not alloced by memblock_alloc, which will not be reserved by memblock_reserve later, it will be used by other places. As... • https://git.kernel.org/stable/c/663c0c9496a69f80011205ba3194049bcafd681d • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26711 – iio: adc: ad4130: zero-initialize clock init data
https://notcve.org/view.php?id=CVE-2024-26711
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clk_init_data struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the clk_init_data struct. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iio: adc: ad4130: datos de inicio de reloj con inicialización cero La estructura clk_init_data no tiene todos sus miembros inicializad... • https://git.kernel.org/stable/c/62094060cf3acaf52e277457d807ea753269b89e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26710 – powerpc/kasan: Limit KASAN thread size increase to 32KB
https://notcve.org/view.php?id=CVE-2024-26710
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines (see link). To avoid overflows the stack size was doubled for KASAN builds in commit 3e8635fb2e07 ("powerpc/kasan: Force thread size increase with KASAN"). However with a 32KB stack size to begin with, the doubling leads to a 64KB stack, which causes build errors: ... • https://git.kernel.org/stable/c/9ccf64e763aca088b0d25c1274af42b1a6a45135 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26709 – powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach
https://notcve.org/view.php?id=CVE-2024-26709
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach The function spapr_tce_platform_iommu_attach_dev() is missing to call iommu_group_put() when the domain is already set. This refcount leak shows up with BUG_ON() during DLPAR remove operation as: KernelBug: Kernel bug in state 'None': kernel BUG at arch/powerpc/platforms/pseries/iommu.c:100! Oops: Exception in kernel mode, sig: 5 [#1] LE PAGE_SIZE=64K MMU=Radix S... • https://git.kernel.org/stable/c/a8ca9fc9134c1a43e6d4db7ff59496bbd7075def •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26708 – mptcp: really cope with fastopen race
https://notcve.org/view.php?id=CVE-2024-26708
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change again before the subflow_state_change callback is invoked. Address the issue additionally copying with all the states directly reachable from TCP_FIN_WAIT1. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: realm... • https://git.kernel.org/stable/c/1e777f39b4d75e599a3aac8e0f67d739474f198c • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-26707 – net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
https://notcve.org/view.php?id=CVE-2024-26707
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate resources for skb in hsr_init_skb(). Since a WARN_ONCE() call will not help much in this case, it might be prudent to switch to netdev_warn_once(). At the very least it will suppress syzkaller reports such as [1]. Just in case, use netdev_warn_once() in send_prp_supervision_frame() for similar reasons. [1] HSR: Cou... • https://git.kernel.org/stable/c/121c33b07b3127f501b366bc23d2a590e2f2b8ef •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26706 – parisc: Fix random data corruption from exception handler
https://notcve.org/view.php?id=CVE-2024-26706
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data corruption if the compiler decides to use a different register than the specified register %r29 (defined in ASM_EXCEPTIONTABLE_REG) for the error code. If the compiler choose another register, the fault handler will nevertheless store -EFAULT into %r29 and thus trash ... • https://git.kernel.org/stable/c/23027309b099ffc4efca5477009a11dccbdae592 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26705 – parisc: BTLB: Fix crash when setting up BTLB at CPU bringup
https://notcve.org/view.php?id=CVE-2024-26705
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about the BTLB information to set up the static (block) TLB entries. For that write access to the static btlb_info struct is needed, but since it is marked __ro_after_init the kernel segfaults with missing write permissions. Fix the crash by dropping the __ro_after_init annotation. En el kernel de Linux, se ha resuel... • https://git.kernel.org/stable/c/e5ef93d02d6c9cc3a14e7348481c9e41a528caa1 •