CVE-2024-56723 – mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices
https://notcve.org/view.php?id=CVE-2024-56723
In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them. • https://git.kernel.org/stable/c/57129044f5044dcd73c22d91491906104bd331fd https://git.kernel.org/stable/c/6ea17c03edc7ed0aabb1431eb26e2f94849af68a https://git.kernel.org/stable/c/61d590d7076b50b6ebdea1f3b83bb041c01fc482 https://git.kernel.org/stable/c/bb6642d4b3136359b5b620049f76515876e6127e https://git.kernel.org/stable/c/7ba45b8bc62e64da524d45532107ae93eb33c93c https://git.kernel.org/stable/c/d4cc78bd6a25accb7ae2ac9fc445d1e1deda4a62 https://git.kernel.org/stable/c/897713c9d24f6ec394585abfcf259a6e5cad22c8 https://git.kernel.org/stable/c/b3d45c19bcffb9a9a821df759f60be39d •
CVE-2024-56722 – RDMA/hns: Fix cpu stuck caused by printings during reset
https://notcve.org/view.php?id=CVE-2024-56722
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots of printings, and it may lead to a cpu stuck. Delete some unnecessary printings and replace other printing functions in these paths with the ratelimited version. • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b https://git.kernel.org/stable/c/31c6fe9b79ed42440094f2367897aea0c0ce96ec https://git.kernel.org/stable/c/b4ba31e5aaffbda9b22d9a35c40b16dc39e475a6 https://git.kernel.org/stable/c/a0e4c78770faa0d56d47391476fe1d827e72eded https://git.kernel.org/stable/c/e2e64f9c42c717beb459ab209ec1c4baa73d3760 https://git.kernel.org/stable/c/323275ac2ff15b2b7b3eac391ae5d8c5a3c3a999 •
CVE-2024-56720 – bpf, sockmap: Several fixes to bpf_msg_pop_data
https://notcve.org/view.php?id=CVE-2024-56720
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In sk_msg_shift_left, we should put_page 2. if (len == 0), return early is better 3. pop the entire sk_msg (last == msg->sg.size) should be supported 4. Fix for the value of variable "a" 5. In sk_msg_shift_left, after shifting, i has already pointed to the next element. Addtional sk_msg_iter_var_next may result in BUG. • https://git.kernel.org/stable/c/7246d8ed4dcce23f7509949a77be15fa9f0e3d28 https://git.kernel.org/stable/c/d3f5763b3062514a234114e97bbde74d8d702449 https://git.kernel.org/stable/c/d26d977633d1d0b8bf9407278189bd0a8d973323 https://git.kernel.org/stable/c/e1f54c61c4c9a5244eb8159dce60d248f7d97b32 https://git.kernel.org/stable/c/f58d3aa457e77a3d9b3df2ab081dcf9950f6029f https://git.kernel.org/stable/c/98c7ea7d11f2588e8197db042e0291e4ac8f8346 https://git.kernel.org/stable/c/785180bed9879680d8e5c5e1b54c8ae8d948f4c8 https://git.kernel.org/stable/c/275a9f3ef8fabb0cb282a62b9e164dedb •
CVE-2024-56718 – net/smc: protect link down work from execute after lgr freed
https://notcve.org/view.php?id=CVE-2024-56718
In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work, and put the reference after work executed or canceled. The relevant crash call stack as follows: list_del corruption. prev->next should be ffffb638c9c0fe20, but was 0000000000000000 ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:51! invalid opcode: 0000 [#1] SMP NOPTI CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1 Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014 Workqueue: events smc_link_down_work [smc] RIP: 0010:__list_del_entry_valid.cold+0x31/0x47 RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086 RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000 RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80 RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38 R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002 R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0 FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: rwsem_down_write_slowpath+0x17e/0x470 smc_link_down_work+0x3c/0x60 [smc] process_one_work+0x1ac/0x350 worker_thread+0x49/0x2f0 ? rescuer_thread+0x360/0x360 kthread+0x118/0x140 ? __kthread_bind_mask+0x60/0x60 ret_from_fork+0x1f/0x30 • https://git.kernel.org/stable/c/541afa10c126b6c22c2a805a559c70cc41fd156e https://git.kernel.org/stable/c/bec2f52866d511e94c1c37cd962e4382b1b1a299 https://git.kernel.org/stable/c/2627c3e8646932dfc7b9722c88c2e1ffcf7a9fb2 https://git.kernel.org/stable/c/841b1824750d3b8d1dc0a96b14db4418b952abbc https://git.kernel.org/stable/c/2b33eb8f1b3e8c2f87cfdbc8cc117f6bdfabc6ec •
CVE-2024-56716 – netdevsim: prevent bad user input in nsim_dev_health_break_write()
https://notcve.org/view.php?id=CVE-2024-56716
In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can crash. • https://git.kernel.org/stable/c/82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f https://git.kernel.org/stable/c/d10321be26ff9e9e912697e9e8448099654ff561 https://git.kernel.org/stable/c/470c5ecbac2f19b1cdee2a6ce8d5650c3295c94b https://git.kernel.org/stable/c/8e9ef6bdf71bf25f4735e0230ce1919de8985835 https://git.kernel.org/stable/c/ee76746387f6233bdfa93d7406990f923641568f •