CVSS: 5.5EPSS: %CPEs: 6EXPL: 0CVE-2024-47143 – dma-debug: fix a possible deadlock on radix_lock
https://notcve.org/view.php?id=CVE-2024-47143
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dma-debug: fix a possible deadlock on radix_lock radix_lock() shouldn't be held while holding dma_hash_entry[idx].lock otherwise, there's a possible deadlock scenario when dma debug API is called holding rq_lock(): CPU0 CPU1 CPU2 dma_free_attrs() check_unmap() add_dma_entry() __schedule() //out (A) rq_lock() get_hash_bucket() (A) dma_entry_hash check_sync() (A) radix_lock() (W) dma_entry_hash dma_entry_free() (W) radix_lock() // CPU2's one ... • https://git.kernel.org/stable/c/3ccce34a5c3f5c9541108a451657ade621524b32 •
CVSS: 5.5EPSS: %CPEs: 3EXPL: 0CVE-2024-47141 – pinmux: Use sequential access to access desc->pinmux data
https://notcve.org/view.php?id=CVE-2024-47141
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the same functionality, we are seeing NULL pointer issue while accessing desc->mux_owner. Let's say two processes A, B executing in pin_request() for the same pin and process A updates the desc->mux_usecount but not yet updated the desc->mux_owner while process B see the desc->mux_usecount which got updated by A path an... • https://git.kernel.org/stable/c/2da32aed4a97ca1d70fb8b77926f72f30ce5fb4b •
CVSS: 7.1EPSS: %CPEs: 5EXPL: 0CVE-2024-45828 – i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request
https://notcve.org/view.php?id=CVE-2024-45828
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when the ring is being stopped. Depending on timing between ring stop request completion, interrupt handler removal and code execution this may lead to a NULL pointer dereference in hci_dma_irq_handler() if it gets to run after the io_data pointer is set to NULL in hci_dma_cleanup(). Prevent this my masking the ... • https://git.kernel.org/stable/c/a6cddf68b3405b272b5a3cad9657be0b02b34bf4 •
CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2024-43098 – i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock
https://notcve.org/view.php?id=CVE-2024-43098
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock A deadlock may happen since the i3c_master_register() acquires &i3cbus->lock twice. See the log below. Use i3cdev->desc->info instead of calling i3c_device_info() to avoid acquiring the lock twice. v2: - Modified the title and commit message ============================================ WARNING: possible recursive locking detected 6.11.0-mainline ---------... • https://git.kernel.org/stable/c/9a2173660ee53d5699744f02e6ab7bf89fcd0b1a •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2024-41935 – f2fs: fix to shrink read extent node in batches
https://notcve.org/view.php?id=CVE-2024-41935
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree during its shrink, however, if there is a huge number of extent nodes in extent tree, during shrink of extent tree, it may hold rwlock for a very long time, which may trigger kernel hang issue. This patch fixes to shrink read extent node in batches, so that, critical region of the rwlock can be shrunk to avoid its extreme long time ho... • https://git.kernel.org/stable/c/295b50e95e900da31ff237e46e04525fa799b2cf •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56787 – soc: imx8m: Probe the SoC driver as platform driver
https://notcve.org/view.php?id=CVE-2024-56787
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as platform driver With driver_async_probe=* on kernel command line, the following trace is produced because on i.MX8M Plus hardware because the soc-imx8m.c driver calls of_clk_get_by_name() which returns -EPROBE_DEFER because the clock driver is not yet probed. This was not detected during regular testing without driver_async_probe. Convert the SoC code to platform driver and instantiate a platform device i... • https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56786 – bpf: put bpf_link's program when link is safe to be deallocated
https://notcve.org/view.php?id=CVE-2024-56786
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considered to be reachable through attach hook -> link -> prog chain, and, pessimistically, we have to assume that as long as link's memory is not safe to free, attach hook's code might hold a pointer to BPF program and use it. As such, it's not (generally) correct to put link's program early before waiting for RCU GPs to ... • https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56785 – MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a
https://notcve.org/view.php?id=CVE-2024-56785
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a Fix the dtc warnings: arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips... • https://git.kernel.org/stable/c/5a2eaa3ad2b803c7ea442c6db7379466ee73c024 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56784 – drm/amd/display: Adding array index check to prevent memory corruption
https://notcve.org/view.php?id=CVE-2024-56784
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays ... • https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56782 – ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
https://notcve.org/view.php?id=CVE-2024-56782
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() acpi_dev_hid_match() does not check for adev == NULL, dereferencing it unconditional. Add a check for adev being NULL before calling acpi_dev_hid_match(). At the moment acpi_quirk_skip_serdev_enumeration() is never called with a controller_parent without an ACPI companion, but better safe than sorry. In the Linux kernel, the following vulnerability has been resolved: ACP... • https://git.kernel.org/stable/c/e173bce05f7032a8b4964cfef82a4b7668f5f3af •