CVE-2024-56742 – vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
https://notcve.org/view.php?id=CVE-2024-56742
In the Linux kernel, the following vulnerability has been resolved: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() Fix an unwind issue in mlx5vf_add_migration_pages(). If a set of pages is allocated but fails to be added to the SG table, they need to be freed to prevent a memory leak. Any pages successfully added to the SG table will be freed as part of mlx5vf_free_data_buffer(). • https://git.kernel.org/stable/c/6fadb021266d03c5fd7bca2cfa1607efd246dad1 https://git.kernel.org/stable/c/769fe4ce444b646b0bf6ac308de80686c730c7df https://git.kernel.org/stable/c/c44f1b2ddfa81c8d7f8e9b6bc76c427bc00e69d5 https://git.kernel.org/stable/c/22e87bf3f77c18f5982c19ffe2732ef0c7a25f16 •
CVE-2024-56741 – apparmor: test: Fix memory leak for aa_unpack_strdup()
https://notcve.org/view.php?id=CVE-2024-56741
In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2a29090 (size 8): comm "kunit_try_catch", pid 227, jiffies 4294894409 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<0000000046a45c1a>] policy_unpack_test_unpack_strdup_with_name+0xd0/0x3c4 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 • https://git.kernel.org/stable/c/4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 https://git.kernel.org/stable/c/f856246ff6da25c4f8fdd73a9c875e878b085e9f https://git.kernel.org/stable/c/5354599855a9b5568e05ce686119ee3ff8b19bd5 https://git.kernel.org/stable/c/89265f88701e54dde255ddf862093baeca57548c https://git.kernel.org/stable/c/2a9b68f2dc6812bd1b8880b5c00e60203d6f61f6 https://git.kernel.org/stable/c/59a149e7c38e7b76616c8b333fc6aa5b6fb2293c https://git.kernel.org/stable/c/d62ee5739a66644b0e7f11e657d562458cdcdea3 https://git.kernel.org/stable/c/7290f59231910ccba427d441a6e8b8c6f •
CVE-2024-56739 – rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
https://notcve.org/view.php?id=CVE-2024-56739
In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup. • https://git.kernel.org/stable/c/6610e0893b8bc6f59b14fed7f089c5997f035f88 https://git.kernel.org/stable/c/39ad0a1ae17b54509cd9e93dcd8cec16e7c12d3f https://git.kernel.org/stable/c/44b3257ff705d63d5f00ef8ed314a0eeb7ec37f2 https://git.kernel.org/stable/c/0d68e8514d9040108ff7d1b37ca71096674b6efe https://git.kernel.org/stable/c/246f621d363988e7040f4546d20203dc713fa3e1 https://git.kernel.org/stable/c/fde56535505dde3336df438e949ef4742b6d6d6e https://git.kernel.org/stable/c/dd4b1cbcc916fad5d10c2662b62def9f05e453d4 https://git.kernel.org/stable/c/a1f0b4af90cc18b10261ecde56c6a56b2 •
CVE-2024-56729 – smb: Initialize cfid->tcon before performing network ops
https://notcve.org/view.php?id=CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break() and then fail to release the ref in cached_dir_offload_close, since cfid->tcon is still NULL. • https://git.kernel.org/stable/c/ebe98f1447bbccf8228335c62d86af02a0ed23f7 https://git.kernel.org/stable/c/625e2357c8fcfae6e66dcc667dc656fe390bab15 https://git.kernel.org/stable/c/4b216c8f9c7d84ef7de33ca60b97e08e03ef3292 https://git.kernel.org/stable/c/1b9ab6b648f89441c8a13cb3fd8ca83ffebc5262 https://git.kernel.org/stable/c/c353ee4fb119a2582d0e011f66a76a38f5cf984d •
CVE-2024-56728 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c
https://notcve.org/view.php?id=CVE-2024-56728
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/75f36270990c7875c0091afb961ca37f52b6bc55 https://git.kernel.org/stable/c/5ff9de1f2712cbca53da2e37d831eea7ffcb43b6 https://git.kernel.org/stable/c/55c41b97001a09bb490ffa2e667e251d75d15ab1 https://git.kernel.org/stable/c/05a6ce174c0c724e5914e1e5efd826bab8f382b4 https://git.kernel.org/stable/c/c0f64fd73b60aee85f88c270c9d714ead27a7b7a https://git.kernel.org/stable/c/6cda142cee032b8fe65ee11f78721721c3988feb https://git.kernel.org/stable/c/2db2194727b1f49a5096c1c3981adef1b7638733 https://git.kernel.org/stable/c/e26f8eac6bb20b20fdb8f7dc695711ebc •