CVE-2024-35247 – fpga: region: add owner module and take its refcount
https://notcve.org/view.php?id=CVE-2024-35247
In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses its owner pointer to take the module's refcount. • https://git.kernel.org/stable/c/0fa20cdfcc1f68847cdfc47824476301eedc8297 https://git.kernel.org/stable/c/26e6e25d742e29885cf44274fcf6b744366c4702 https://git.kernel.org/stable/c/9b4eee8572dcf82b2ed17d9a328c7fb87df2f0e8 https://git.kernel.org/stable/c/75a001914a8d2ccdcbe4b8cc7e94ac71d0e66093 https://git.kernel.org/stable/c/4d7d12b643c00e7eea51b49a60a2ead182633ec8 https://git.kernel.org/stable/c/2279c09c36165ccded4d506d11a7714e13b56019 https://git.kernel.org/stable/c/b7c0e1ecee403a43abc89eb3e75672b01ff2ece9 •
CVE-2024-34030 – PCI: of_property: Return error for int_map allocation failure
https://notcve.org/view.php?id=CVE-2024-34030
In the Linux kernel, the following vulnerability has been resolved: PCI: of_property: Return error for int_map allocation failure Return -ENOMEM from of_pci_prop_intr_map() if kcalloc() fails to prevent a NULL pointer dereference in this case. [bhelgaas: commit log] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: PCI: of_property: error de devolución por falla de asignación de int_map Devuelve -ENOMEM de of_pci_prop_intr_map() si kcalloc() no logra evitar una desreferencia de puntero NULL en este caso. • https://git.kernel.org/stable/c/407d1a51921e9f28c1bcec647c2205925bd1fdab https://git.kernel.org/stable/c/b5f31d1470c4fdfae368feeb389768ba8d24fb34 https://git.kernel.org/stable/c/598e4a37a2f8da9144ba1fab04320c32169b6d0d https://git.kernel.org/stable/c/e6f7d27df5d208b50cae817a91d128fb434bb12c • CWE-476: NULL Pointer Dereference •
CVE-2024-34027 – f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock
https://notcve.org/view.php?id=CVE-2024-34027
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock to avoid racing with checkpoint, otherwise, filesystem metadata including blkaddr in dnode, inode fields and .total_valid_block_count may be corrupted after SPO case. • https://git.kernel.org/stable/c/c75488fb4d82b697f381f855bf5b16779df440aa https://git.kernel.org/stable/c/a6e1f7744e9b84f86a629a76024bba8468aa153b https://git.kernel.org/stable/c/b5bac43875aa27ec032dbbb86173baae6dce6182 https://git.kernel.org/stable/c/5d47d63883735718825ca2efc4fca6915469774f https://git.kernel.org/stable/c/329edb7c9e3b6ca27e6ca67ab1cdda1740fb3a2b https://git.kernel.org/stable/c/69136304fd144144a4828c7b7b149d0f80321ba4 https://git.kernel.org/stable/c/0a4ed2d97cb6d044196cc3e726b6699222b41019 •
CVE-2024-33847 – f2fs: compress: don't allow unaligned truncation on released compress inode
https://notcve.org/view.php?id=CVE-2024-33847
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file - f2fs_io setflags compression /mnt/f2fs/file - dd if=/dev/zero of=/mnt/f2fs/file bs=4k count=4 - f2fs_io release_cblocks /mnt/f2fs/file - truncate -s 8192 /mnt/f2fs/file - umount /mnt/f2fs - fsck.f2fs /dev/vdb [ASSERT] (fsck_chk_inode_blk:1256) --> ino: 0x5 has i_blocks: 0x00000002, but has 0x3 blocks [FSCK] valid_block_count matching with CP [Fail] [0x4, 0x5] [FSCK] other corrupted bugs [Fail] The reason is: partial truncation assume compressed inode has reserved blocks, after partial truncation, valid block count may change w/o .i_blocks and .total_valid_block_count update, result in corruption. This patch only allow cluster size aligned truncation on released compress inode for fixing. • https://git.kernel.org/stable/c/c61404153eb683da9c35aad133131554861ed561 https://git.kernel.org/stable/c/8acae047215024d1ac499b3c8337ef1b952f160b https://git.kernel.org/stable/c/3ccf5210dc941a7aa0180596ac021568be4d35ec https://git.kernel.org/stable/c/9f9341064a9b5246a32a7fe56b9f80c6f7f3c62d https://git.kernel.org/stable/c/5268241b41b1c5d0acca75e9b97d4fd719251c8c https://git.kernel.org/stable/c/29ed2b5dd521ce7c5d8466cd70bf0cc9d07afeee https://git.kernel.org/stable/c/b8962cf98595d1ec62f40f23667de830567ec8bc •
CVE-2024-32936 – media: ti: j721e-csi2rx: Fix races while restarting DMA
https://notcve.org/view.php?id=CVE-2024-32936
In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: Fix races while restarting DMA After the frame is submitted to DMA, it may happen that the submitted list is not updated soon enough, and the DMA callback is triggered before that. This can lead to kernel crashes, so move everything in a single lock/unlock section to prevent such races. • https://git.kernel.org/stable/c/b4a3d877dc92963a4db16ddb71df3d333c0d40bd https://git.kernel.org/stable/c/80a8b92950f8ee96582dba6187e3c2deca3569ea https://git.kernel.org/stable/c/ad79c9ecea5baa7b4f19677e4b1c881ed89b0c3b •