CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35805 – dm snapshot: fix lockup in dm_exception_table_exit
https://notcve.org/view.php?id=CVE-2024-35805
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix this by adding "cond_resched" to the loop that frees the exceptions. En el kernel de Linux, se resolvió l... • https://git.kernel.org/stable/c/e7d4cff57c3c43fdd72342c78d4138f509c7416e •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35804 – KVM: x86: Mark target gfn of emulated atomic instruction as dirty
https://notcve.org/view.php?id=CVE-2024-35804
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Mark target gfn of emulated atomic instruction as dirty When emulating an atomic access on behalf of the guest, mark the target gfn dirty if the CMPXCHG by KVM is attempted and doesn't fault. ... Huge kudos to the folks on the Cc list (and many others), who did all the actual work of triaging and debugging. base-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64 En el kernel de Linux, se ha resuelto la siguiente vulner... • https://git.kernel.org/stable/c/d97c0667c1e61ded6639117b4b9584a9c12b7e66 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35803 – x86/efistub: Call mixed mode boot services on the firmware's stack
https://notcve.org/view.php?id=CVE-2024-35803
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Call mixed mode boot services on the firmware's stack Normally, the EFI stub calls into the EFI boot services using the stack that was live when the stub was entered. • https://git.kernel.org/stable/c/2149f8a56e2ed345c7a4d022a79f6b8fc53ae926 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35801 – x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD
https://notcve.org/view.php?id=CVE-2024-35801
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in order to avoid unnecessary writes to the MSR. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD Commit ... • https://git.kernel.org/stable/c/672365477ae8afca5a1cca98c1deb733235e4525 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-35800 – efi: fix panic in kdump kernel
https://notcve.org/view.php?id=CVE-2024-35800
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: efi: arreglado el pánico en el kernel kdump. ... In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable() is actually valid pointer before calling it. • https://git.kernel.org/stable/c/a8901f331b8b7f95a7315d033a22bc84c8365f35 •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35799 – drm/amd/display: Prevent crash when disable stream
https://notcve.org/view.php?id=CVE-2024-35799
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent crash when disable stream [Why] Disabling stream encoder invokes a function that no longer exists. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent crash when disable stream [Why] Disabling stream encoder invokes a function that no longer exists. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: evita fallos al deshab... • https://git.kernel.org/stable/c/4356a2c3f296503c8b420ae8adece053960a9f06 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35798 – btrfs: fix race in read_extent_buffer_pages()
https://notcve.org/view.php?id=CVE-2024-35798
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in read_extent_buffer_pages() There are reports from tree-checker that detects corrupted nodes, without any obvious pattern so possibly an overwrite in memory. After some debugging it turns out there's a race when reading an extent buffer the uptodate status can be missed. ... • https://git.kernel.org/stable/c/d7172f52e9933b6ec9305e7fe6e829e3939dba04 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35797 – mm: cachestat: fix two shmem bugs
https://notcve.org/view.php?id=CVE-2024-35797
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1) A swapin error can have resulted in a poisoned swap entry in the shmem inode's xarray. In the Linux kernel, the following vulnerability has been resolved: mm: cachestat: fix two shmem bugs When cachestat on shmem races with swapping and invalidation, there are two possible bugs: 1) A swapin error can ... • https://git.kernel.org/stable/c/cf264e1329fb0307e044f7675849f9f38b44c11a • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35796 – net: ll_temac: platform_get_resource replaced by wrong function
https://notcve.org/view.php?id=CVE-2024-35796
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0 as name. In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: platform_get_resource replaced by wrong function The function platform_get_resource was replaced with devm_platform_ioremap_resource_byname and is called using 0... • https://git.kernel.org/stable/c/bd69058f50d5ffa659423bcfa6fe6280ce9c760a •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35795 – drm/amdgpu: fix deadlock while reading mqd from debugfs
https://notcve.org/view.php?id=CVE-2024-35795
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs f... • https://git.kernel.org/stable/c/445d85e3c1dfd8c45b24be6f1527f1e117256d0e • CWE-400: Uncontrolled Resource Consumption •