CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56723 – mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices
https://notcve.org/view.php?id=CVE-2024-56723
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not t... • https://git.kernel.org/stable/c/57129044f5044dcd73c22d91491906104bd331fd •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56722 – RDMA/hns: Fix cpu stuck caused by printings during reset
https://notcve.org/view.php?id=CVE-2024-56722
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots of printings, and it may lead to a cpu stuck. Delete some unnecessary printings and replace other printing functions in these paths with the ratelimited version. • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56720 – bpf, sockmap: Several fixes to bpf_msg_pop_data
https://notcve.org/view.php?id=CVE-2024-56720
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In sk_msg_shift_left, we should put_page 2. if (len == 0), return early is better 3. pop the entire sk_msg (last == msg->sg.size) should be supported 4. Fix for the value of variable "a" 5. In sk_msg_shift_left, after shifting, i has already pointed to the next element. Addtional sk_msg_iter_var_next may result in BUG. • https://git.kernel.org/stable/c/7246d8ed4dcce23f7509949a77be15fa9f0e3d28 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56719 – net: stmmac: fix TSO DMA API usage causing oops
https://notcve.org/view.php?id=CVE-2024-56719
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data") moved the assignment of tx_skbuff_dma[]'s members to be later in stmmac_tso_xmit(). The buf (dma cookie) and len stored in this structure are passed to dma_unmap_single() by stmmac_tx_clean(). The DMA API requires that the dma cookie passed to dma_unmap_single() is the same as the value returned fr... • https://git.kernel.org/stable/c/07c9c26e37542486e34d767505e842f48f29c3f6 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56718 – net/smc: protect link down work from execute after lgr freed
https://notcve.org/view.php?id=CVE-2024-56718
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work, and put the reference after work executed or canceled. The relevant crash call stack as follows: list_del corruption. prev->next should be ffffb638c9c0fe20, but was 0000000000000000 ------------[ cut here... • https://git.kernel.org/stable/c/541afa10c126b6c22c2a805a559c70cc41fd156e •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56717 – net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic()
https://notcve.org/view.php?id=CVE-2024-56717
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() Packets injected by the CPU should have a SRC_PORT field equal to the CPU port module index in the Analyzer block (ocelot->num_phys_ports). The blamed commit copied the ocelot_ifh_set_basic() call incorrectly from ocelot_xmit_common() in net/dsa/tag_ocelot.c. Instead of calling with "x", it calls with BIT_ULL(x), but the field is not a port mask, but rather a s... • https://git.kernel.org/stable/c/06bcb9032e05ad717f9fd0a6e2fd3ae7f430fa31 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56716 – netdevsim: prevent bad user input in nsim_dev_health_break_write()
https://notcve.org/view.php?id=CVE-2024-56716
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can crash. • https://git.kernel.org/stable/c/82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56715 – ionic: Fix netdev notifier unregister on failure
https://notcve.org/view.php?id=CVE-2024-56715
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on failure If register_netdev() fails, then the driver leaks the netdev notifier. Fix this by calling ionic_lif_unregister() on register_netdev() failure. This will also call ionic_lif_unregister_phc() if it has already been registered. • https://git.kernel.org/stable/c/30b87ab4c0b30e0f681cb7dfaab6c642dd17e454 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56712 – udmabuf: fix memory leak on last export_udmabuf() error path
https://notcve.org/view.php?id=CVE-2024-56712
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been created; but the error handling in udmabuf_create() will tear down the udmabuf without doing anything about the containing dma_buf. This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memor... • https://git.kernel.org/stable/c/fbb0de795078190a9834b3409e4b009cfb18a6d4 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56710 – ceph: fix memory leak in ceph_direct_read_write()
https://notcve.org/view.php?id=CVE-2024-56710
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of sparse_ext map until after the bvecs array is set up, so fix this by moving sparse_ext allocation a bit earlier. Also, make a similar adjustment in __ceph_sync_read() for consistency (a leak of the same kind in __... • https://git.kernel.org/stable/c/03bc06c7b0bd8d86b9f17f459acaeb1283ba2700 •