CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27068 – thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path
https://notcve.org/view.php?id=CVE-2024-27068
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path If devm_krealloc() fails, then 'efuse' is leaking. So free it to avoid a leak. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Thermal/drivers/mediatek/lvts_thermal: corrige una pérdida de memoria en una ruta de manejo de errores. Si devm_krealloc() falla, entonces 'efuse' tiene una fuga. Así que libérelo para evitar una fuga. • https://git.kernel.org/stable/c/f5f633b18234cecb0e6ee6e5fbb358807dda15c3 https://git.kernel.org/stable/c/2db869da91afd48e5b9ec76814709be49662b07d https://git.kernel.org/stable/c/a37f3652bee468f879d35fe2da9ede3f1dcbb7be https://git.kernel.org/stable/c/9b02197596671800dd934609384b1aca7c6ad218 https://git.kernel.org/stable/c/ca93bf607a44c1f009283dac4af7df0d9ae5e357 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27067 – xen/evtchn: avoid WARN() when unbinding an event channel
https://notcve.org/view.php?id=CVE-2024-27067
In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler. Avoid that by adding an "unbinding" flag to struct user_event which will short circuit the handler. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: xen/evtchn: evite WARN() al desvincular un canal de eventos Al desvincular un canal de eventos de usuario, es posible que se llame al controlador relacionado por última vez en caso de que el kernel se haya compilado con CONFIG_DEBUG_SHIRQ. Esto podría provocar un WARN() en el controlador. Evite esto agregando un indicador de "desvinculación" a la estructura user_event que provocará un cortocircuito en el controlador. • https://git.kernel.org/stable/c/3c8f5965a99397368d3762a9814a21a3e442e1a4 https://git.kernel.org/stable/c/9e90e58c11b74c2bddac4b2702cf79d36b981278 https://git.kernel.org/stable/c/99e425032c6ec13584d3cd33846e0c7307501b47 https://git.kernel.org/stable/c/35485dad6e28f9b17884764d4692b1655cb848d0 https://git.kernel.org/stable/c/9e2d4b58c1da48a32905802aaeadba7084b46895 https://git.kernel.org/stable/c/51c23bd691c0f1fb95b29731c356c6fd69925d17 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27066 – virtio: packed: fix unmap leak for indirect desc table
https://notcve.org/view.php?id=CVE-2024-27066
In the Linux kernel, the following vulnerability has been resolved: virtio: packed: fix unmap leak for indirect desc table When use_dma_api and premapped are true, then the do_unmap is false. Because the do_unmap is false, vring_unmap_extra_packed is not called by detach_buf_packed. if (unlikely(vq->do_unmap)) { curr = id; for (i = 0; i < state->num; i++) { vring_unmap_extra_packed(vq, &vq->packed.desc_extra[curr]); curr = vq->packed.desc_extra[curr].next; } } So the indirect desc table is not unmapped. This causes the unmap leak. So here, we check vq->use_dma_api instead. Synchronously, dma info is updated based on use_dma_api judgment This bug does not occur, because no driver use the premapped with indirect. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: virtio: empaquetado: corrige la fuga de desasignación para la tabla desc indirecta Cuando use_dma_api y premapped son verdaderos, entonces do_unmap es falso. Debido a que do_unmap es falso, detach_buf_packed no llama a vring_unmap_extra_packed. if (improbable(vq->do_unmap)) { curr = id; for (i = 0; i < estado->num; i++) { vring_unmap_extra_packed(vq, &vq->packed.desc_extra[curr]); curr = vq->packed.desc_extra[curr].next; } } Por lo tanto, la tabla de descripción indirecta no está desasignada. • https://git.kernel.org/stable/c/b319940f83c21bb4c1fabffe68a862be879a6193 https://git.kernel.org/stable/c/e142169aca5546ae6619c39a575cda8105362100 https://git.kernel.org/stable/c/75450ff8c6fe8755bf5b139b238eaf9739cfd64e https://git.kernel.org/stable/c/51bacd9d29bf98c3ebc65e4a0477bb86306b4140 https://git.kernel.org/stable/c/d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27065 – netfilter: nf_tables: do not compare internal table flags on updates
https://notcve.org/view.php?id=CVE-2024-27065
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: no comparar indicadores de tablas internas en las actualizaciones Restaurar la transacción omitida si la actualización de la tabla no modifica los indicadores. • https://git.kernel.org/stable/c/e10f661adc556c4969c70ddaddf238bffdaf1e87 https://git.kernel.org/stable/c/d9c4da8cb74e8ee6e58a064a3573aa37acf6c935 https://git.kernel.org/stable/c/179d9ba5559a756f4322583388b3213fe4e391b0 https://git.kernel.org/stable/c/2531f907d3e40a6173090f10670ae76d117ab27b https://git.kernel.org/stable/c/fcf32a5bfcb8a57ac0ce717fcfa4d688c91f1005 https://git.kernel.org/stable/c/640dbf688ba955e83e03de84fbdda8e570b7cce4 https://git.kernel.org/stable/c/9683cb6c2c6c0f45537bf0b8868b5d38fcb63fc7 https://git.kernel.org/stable/c/4d37f12707ee965d338028732575f0b85 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27064 – netfilter: nf_tables: Fix a memory leak in nf_tables_updchain
https://notcve.org/view.php?id=CVE-2024-27064
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain If nft_netdev_register_hooks() fails, the memory associated with nft_stats is not freed, causing a memory leak. This patch fixes it by moving nft_stats_alloc() down after nft_netdev_register_hooks() succeeds. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: corrige una pérdida de memoria en nf_tables_updchain Si nft_netdev_register_hooks() falla, la memoria asociada con nft_stats no se libera, lo que provoca una pérdida de memoria. Este parche lo soluciona moviendo nft_stats_alloc() hacia abajo después de que nft_netdev_register_hooks() tenga éxito. • https://git.kernel.org/stable/c/b9703ed44ffbfba85c103b9de01886a225e14b38 https://git.kernel.org/stable/c/d131ce7a319d3bff68d5a9d5509bb22e4ce33946 https://git.kernel.org/stable/c/79846fdcc548d617b0b321addc6a3821d3b75b20 https://git.kernel.org/stable/c/4e4623a4f6e133e671f65f9ac493bddaaf63e250 https://git.kernel.org/stable/c/e77a6b53a3a547b6dedfc40c37cee4f310701090 https://git.kernel.org/stable/c/7eaf837a4eb5f74561e2486972e7f5184b613f6e •