CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35852 – mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
https://notcve.org/view.php?id=CVE-2024-35852
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended. In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the numb... • https://git.kernel.org/stable/c/c9c9af91f1d9a636aecc55302c792538e549a430 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35851 – Bluetooth: qca: fix NULL-deref on non-serdev suspend
https://notcve.org/view.php?id=CVE-2024-35851
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer... • https://git.kernel.org/stable/c/c1a74160eaf1ac218733b371158432b52601beff •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35850 – Bluetooth: qca: fix NULL-deref on non-serdev setup
https://notcve.org/view.php?id=CVE-2024-35850
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev setup Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev setup Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is ... • https://git.kernel.org/stable/c/e9b3e5b8c65733f626a7ee919c4bc895b51d7bb2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35849 – btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
https://notcve.org/view.php?id=CVE-2024-35849
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40 instrument_copy_to_user include/linux/instrumented.h:114 [inline] _copy_to_user+0xbc/0x110 lib/usercopy.c:40... • https://git.kernel.org/stable/c/689efe22e9b5b7d9d523119a9a5c3c17107a0772 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35848 – eeprom: at24: fix memory corruption race condition
https://notcve.org/view.php?id=CVE-2024-35848
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read will fail, and the device will be torn down. ... En el kern... • https://git.kernel.org/stable/c/b20eb4c1f0261eebe6e1b9221c0d6e4048837778 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35847 – irqchip/gic-v3-its: Prevent double free on error
https://notcve.org/view.php?id=CVE-2024-35847
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after su... • https://git.kernel.org/stable/c/7d75bbb4bc1ad90386776459d37e4ddfe605671e •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35846 – mm: zswap: fix shrinker NULL crash with cgroup_disable=memory
https://notcve.org/view.php?id=CVE-2024-35846
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with cgroup_disable=memory Christian reports a NULL deref in zswap that he bisected down to the zswap shrinker. ... id=2275252 En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mm: zswap: corrige el bloqueo NULL del reductor con cgroup_disable=memory. ... id=2275252 In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with... • https://git.kernel.org/stable/c/b5ba474f3f518701249598b35c581b92a3c95b48 •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35845 – wifi: iwlwifi: dbg-tlv: ensure NUL termination
https://notcve.org/view.php?id=CVE-2024-35845
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it. En el kernel de Linux
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35844 – f2fs: compress: fix reserve_cblocks counting error when out of space
https://notcve.org/view.php?id=CVE-2024-35844
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix reserve_cblocks counting error when out of space When a file only needs one direct_node, performing the following operations will cause the file to be unrepairable: unisoc # .... /f2fs_io reserve_cblocks test.apk 924 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: compress: corrige el error de conteo de reserve_cblocks cuando no hay espacio. ... /f2fs_io reserve_cblocks test.apk 924... • https://git.kernel.org/stable/c/c75488fb4d82b697f381f855bf5b16779df440aa •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35843 – iommu/vt-d: Use device rbtree in iopf reporting path
https://notcve.org/view.php?id=CVE-2024-35843
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pci_get_domain_bus_and_slot(). In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path The existing I/O page fault handler currently locates the PCI device by calling pci_get_domain_bus_and_slot(). ... En el kernel de Linux, ... • https://git.kernel.org/stable/c/3d39238991e745c5df85785604f037f35d9d1b15 • CWE-416: Use After Free •