CVE-2024-27410 – wifi: nl80211: reject iftype change with mesh ID change
https://notcve.org/view.php?id=CVE-2024-27410
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change. It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an overwrite of data in the wdev->u union for the interface type it currently has, causing cfg80211_change_iface() to do wrong things when switching. We could probably allow setting an interface to mesh while setting the mesh ID at th... • https://git.kernel.org/stable/c/7b0a0e3c3a88260b6fcb017e49f198463aa62ed1
CVE-2024-27409 – dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup
https://notcve.org/view.php?id=CVE-2024-27409
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup. The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred. • https://git.kernel.org/stable/c/e74c39573d35e9ac441090ff8183aa3dc2540649
CVE-2024-27408 – dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
https://notcve.org/view.php?id=CVE-2024-27408
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup. The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred. • https://git.kernel.org/stable/c/7e4b8a4fbe2cecab0959e862604803d063f50029
CVE-2023-52657 – Revert "drm/amd/pm: resolve reboot exception for si oland"
https://notcve.org/view.php?id=CVE-2023-52657
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland". This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles. • https://git.kernel.org/stable/c/0f8f233ed76754b0c9262eb2e82f8529da0bef16
CVE-2024-27407 – fs/ntfs3: Fixed overflow check in mi_enum_attr()
https://notcve.org/view.php?id=CVE-2024-27407
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr() • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-27406 – lib/Kconfig.debug: TEST_IOV_ITER depends on MMU
https://notcve.org/view.php?id=CVE-2024-27406
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU. Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 # Subtest: iov_iter # module: kunit_iov_iter 1..9 BUG: failure at mm/nommu.c:318/vmap()! Kernel panic - not syncing: BUG! The test calls vmap() directly, but vmap() is not supported on nommu systems, causing the crash. TEST_IOV_ITER therefore nee... • https://git.kernel.org/stable/c/2d71340ff1d41a5b9fc1b30ded12d638b2e2ae96
CVE-2024-27405 – usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
https://notcve.org/view.php?id=CVE-2024-27405
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs. It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadget_giveback has one byte appended at the end of a proper NTB. When the NTB is parsed, unwrap call looks for any leftover bytes in SKB provided by u_ether and if there are any pending bytes, it treats them as a separate NTB and parses it. But in case the second NTB (... • https://git.kernel.org/stable/c/9f6ce4240a2bf456402c15c06768059e5973f28c • CWE-476: NULL Pointer Dereference
CVE-2024-27404 – mptcp: fix data races on remote_id
https://notcve.org/view.php?id=CVE-2024-27404
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id. Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations. A race condition vulnerability was found in the Linux kernel remote_id functio... • https://git.kernel.org/stable/c/bedee0b561138346967cf1443f2afd1b48b3148f
CVE-2024-27403 – netfilter: nft_flow_offload: reset dst in route object after setting up flow
https://notcve.org/view.php?id=CVE-2024-27403
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow. dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow. • https://git.kernel.org/stable/c/a3c90f7a2323b331ae816d5b0633e68148e25d04
CVE-2024-27402 – phonet/pep: fix racy skb_queue_empty() use
https://notcve.org/view.php?id=CVE-2024-27402
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skb_queue_empty() use. The receive queues are protected by their respective spin-lock, not the socket lock. This could lead to skb_peek() unexpectedly returning NULL or a pointer to an already dequeued socket buffer. • https://git.kernel.org/stable/c/9641458d3ec42def729fde64669abf07f3220cd5