
CVE-2024-50262 – bpf: Fix out-of-bounds write in trie_get_next_key()
https://notcve.org/view.php?id=CVE-2024-50262
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. • https://git.kernel.org/stable/c/b471f2f1de8b816f1e799b80aa92588f3566e4bd • CWE-787: Out-of-bounds Write •

CVE-2024-50261 – macsec: Fix use-after-free while sending the offloading packet
https://notcve.org/view.php?id=CVE-2024-50261
09 Nov 2024 — Workqueue: mld mld_ifc_work Call Trace:

CVE-2024-50260 – sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
https://notcve.org/view.php?id=CVE-2024-50260
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... • https://git.kernel.org/stable/c/699c23f02c65cbfc3e638f14ce0d70c23a2e1f02 •

CVE-2024-50259 – netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()
https://notcve.org/view.php?id=CVE-2024-50259
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() This was found by a static analyzer. • https://git.kernel.org/stable/c/c6385c0b67c527b298111775bc89a7407ba1581e •

CVE-2024-50258 – net: fix crash when config small gso_max_size/gso_ipv4_max_size
https://notcve.org/view.php?id=CVE-2024-50258
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gso_max_size/gso_ipv4_max_size Config a small gso_max_size/gso_ipv4_max_size will lead to an underflow in sk_dst_gso_max_size(), which may trigger a BUG_ON crash, because sk->sk_gso_max_size would be much bigger than device limits. • https://git.kernel.org/stable/c/46e6b992c2502b094e61da6994f1363f3b7c1413 •

CVE-2024-50257 – netfilter: Fix use-after-free in get_info()
https://notcve.org/view.php?id=CVE-2024-50257
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. • https://git.kernel.org/stable/c/fdacd57c79b79a03c7ca88f706ad9fb7b46831c1 • CWE-416: Use After Free •

CVE-2024-50256 – netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
https://notcve.org/view.php?id=CVE-2024-50256
09 Nov 2024 — Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 0 UID: 0 PID: 7373 Comm: syz.1.568 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:skb_panic net/core/skbuff.c:206 [inline] RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216 Code: 0d 8d 48 c7 c6 60 a6 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 ba 30 38 02 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 ... • https://git.kernel.org/stable/c/c8d7b98bec43faaa6583c3135030be5eb4693acb • CWE-476: NULL Pointer Dereference •

CVE-2024-50255 – Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
https://notcve.org/view.php?id=CVE-2024-50255
09 Nov 2024 — KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077] CPU: 1 PID: 2000 Comm: kworker/u9:5 Not tainted 6.9.0-ga6bcb805883c-dirty #10 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Workqueue: hci7 hci_power_on RIP: 0010:hci_read_supported_codecs+0xb9/0x870 net/bluetooth/hci_codec.c:138 Code: 08 48 89 ef e8 b8 c1 8f fd 48 8b 75 00 e9 96 00 00 00 49 89 c6 48 ba 00 00 00 00 00 fc ff df 4c 8d 60 70 4c 89 e3 48 c1 eb 03 <0f> b6 04 13 84 c0 0f 85 82 06 00 00 41 83 3... • https://git.kernel.org/stable/c/abfeea476c68afea54c9c050a2d3b19d5d2ee873 • CWE-476: NULL Pointer Dereference •

CVE-2024-50254 – bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()
https://notcve.org/view.php?id=CVE-2024-50254
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpf_iter_bits_destroy() bpf_iter_bits_destroy() uses "kit->nr_bits <= 64" to check whether the bits are dynamically allocated. ... • https://git.kernel.org/stable/c/4665415975b0827e9646cab91c61d02a6b364d59 •

CVE-2024-50253 – bpf: Check the validity of nr_words in bpf_iter_bits_new()
https://notcve.org/view.php?id=CVE-2024-50253
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nr_words in bpf_iter_bits_new() Check the validity of nr_words in bpf_iter_bits_new(). ... • https://git.kernel.org/stable/c/4665415975b0827e9646cab91c61d02a6b364d59 •