CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27388 – SUNRPC: fix some memleaks in gssx_dec_option_array
https://notcve.org/view.php?id=CVE-2024-27388
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: SUNRPC: corrige algunas fugas de mem en gssx_dec_option_array Los creds y oa->data deben liberarse en las rutas de manejo de errores después de su asignación. Entonce... • https://git.kernel.org/stable/c/1d658336b05f8697d6445834f8867f8ad5e4f735 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27080 – btrfs: fix race when detecting delalloc ranges during fiemap
https://notcve.org/view.php?id=CVE-2024-27080
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when detecting delalloc ranges during fiemap For fiemap we recently stopped locking the target extent range for the whole duration of the fiemap call, in order to avoid a deadlock in a scenario where the fiemap buffer happens to be a memory mapped range of the same file. This use case is very unlikely to be useful in practice but it may be triggered by fuzz testing (syzbot, etc). This however introduced a race that makes ... • https://git.kernel.org/stable/c/ded566b4637f1b6b4c9ba74e7d0b8493e93f19cf •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27079 – iommu/vt-d: Fix NULL domain on device release
https://notcve.org/view.php?id=CVE-2024-27079
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is called. It leads to the following crash in the crash kernel: BUG: kernel NULL pointer dereference, address: 000000000000003c ... RIP: 0010:do_raw_spin_lock+0xa/0xa0 ... _raw_spin_lock_irqsave+0x1b/0x30 intel_iomm... • https://git.kernel.org/stable/c/586081d3f6b13ec9dfdfdf3d7842a688b376fa5e •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27078 – media: v4l2-tpg: fix some memleaks in tpg_alloc
https://notcve.org/view.php?id=CVE-2024-27078
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpg_free is called only when tpg_alloc return 0. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medio: v4l2-tpg: corrige algunas fugas de memoria en tpg_alloc En tpg_alloc, los recursos deben desasignar... • https://git.kernel.org/stable/c/63881df94d3ecbb0deafa0b77da62ff2f32961c4 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27077 – media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
https://notcve.org/view.php?id=CVE-2024-27077
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity The entity->name (i.e. name) is allocated in v4l2_m2m_register_entity but isn't freed in its following error-handling paths. This patch adds such deallocation to prevent memleak of entity->name. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medio: v4l2-mem2mem: corrige una fuga de mem en v4l2_m2m_register_entity La entidad->nombre (es decir, nombre) se asi... • https://git.kernel.org/stable/c/be2fff656322e82f215730839063c2c2ca73d14b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27076 – media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
https://notcve.org/view.php?id=CVE-2024-27076
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: imx: csc/scaler: corrige la pérdida de memoria v4l2_ctrl_handler Libere la memoria asignada en v4l2_ctrl_handler_init en el lanzamiento. • https://git.kernel.org/stable/c/a8ef0488cc592921a917362cca66af4a601987b9 •
CVSS: -EPSS: 0%CPEs: 13EXPL: 0CVE-2024-27075 – media: dvb-frontends: avoid stack overflow warnings with clang
https://notcve.org/view.php?id=CVE-2024-27075
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a similar problem showed up with clang: drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in 'stv0367ter_set_frontend' [-Werror,-Wframe-larger-than] 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe) Rework the stv0367_writereg() function to be simpl... • https://git.kernel.org/stable/c/3cd890dbe2a4f14cc44c85bb6cf37e5e22d4dd0e •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-27074 – media: go7007: fix a memleak in go7007_load_encoder
https://notcve.org/view.php?id=CVE-2024-27074
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: saa7134_go7007_init |-> go7007_boot_encoder |-> go7007_load_encoder |-> kfree(go) go is freed and thus bounce is leaked. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: go7007: corrige una fuga de memoria en go7007_load_en... • https://git.kernel.org/stable/c/95ef39403f890360a3e48fe550d8e8e5d088ad74 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27073 – media: ttpci: fix two memleaks in budget_av_attach
https://notcve.org/view.php?id=CVE-2024-27073
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init does. Besides, there are two fixme comment refers to such deallocations. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medios: ttpci: corrige dos fugas de mem en Budget_av_attach Cuando fallan saa7146_register_de... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-27072 – media: usbtv: Remove useless locks in usbtv_video_free()
https://notcve.org/view.php?id=CVE-2024-27072
01 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtv_video_free() Remove locks calls in usbtv_video_free() because are useless and may led to a deadlock as reported here: https://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000 Also remove usbtv_stop() call since it will be called when unregistering the device. Before 'c838530d230b' this issue would only be noticed if you disconnect while streaming and now it is noticeable even when disconnect... • https://git.kernel.org/stable/c/f3d27f34fdd7701e499617d2c1d94480a98f6d07 •