CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27409 – dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup
https://notcve.org/view.php?id=CVE-2024-27409
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA... • https://git.kernel.org/stable/c/e74c39573d35e9ac441090ff8183aa3dc2540649 •
CVSS: 2.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27408 – dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
https://notcve.org/view.php?id=CVE-2024-27408
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA... • https://git.kernel.org/stable/c/7e4b8a4fbe2cecab0959e862604803d063f50029 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52657 – Revert "drm/amd/pm: resolve reboot exception for si oland"
https://notcve.org/view.php?id=CVE-2023-52657
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Revertir "drm/amd/pm: resolve reboot exceptio... • https://git.kernel.org/stable/c/0f8f233ed76754b0c9262eb2e82f8529da0bef16 •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27407 – fs/ntfs3: Fixed overflow check in mi_enum_attr()
https://notcve.org/view.php?id=CVE-2024-27407
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr() En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: fs/ntfs3: Se corrigió la verificación de desbordamiento en mi_enum_attr() • https://git.kernel.org/stable/c/4534a70b7056fd4b9a1c6db5a4ce3c98546b291e • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27406 – lib/Kconfig.debug: TEST_IOV_ITER depends on MMU
https://notcve.org/view.php?id=CVE-2024-27406
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. ... En el kernel de Linux, se r... • https://git.kernel.org/stable/c/2d71340ff1d41a5b9fc1b30ded12d638b2e2ae96 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-27405 – usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs
https://notcve.org/view.php?id=CVE-2024-27405
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadget_giveback has one byte appended at the end of a proper NTB. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM ... • https://git.kernel.org/stable/c/9f6ce4240a2bf456402c15c06768059e5973f28c • CWE-476: NULL Pointer Dereference •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27404 – mptcp: fix data races on remote_id
https://notcve.org/view.php?id=CVE-2024-27404
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations. In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mptcp: c... • https://git.kernel.org/stable/c/bedee0b561138346967cf1443f2afd1b48b3148f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-27403 – netfilter: nft_flow_offload: reset dst in route object after setting up flow
https://notcve.org/view.php?id=CVE-2024-27403
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. ... En el kernel de Linux, se resolvió la sigui... • https://git.kernel.org/stable/c/a3c90f7a2323b331ae816d5b0633e68148e25d04 •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-27402 – phonet/pep: fix racy skb_queue_empty() use
https://notcve.org/view.php?id=CVE-2024-27402
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skb_queue_empty() use The receive queues are protected by their respective spin-lock, not the socket lock. In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skb_queue_empty() use The receive queues are protected by their respective spin-lock, not the socket lock. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: phonet/pep: corrige el uso p... • https://git.kernel.org/stable/c/9641458d3ec42def729fde64669abf07f3220cd5 •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 56CVE-2024-32002 – Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-32002
14 May 2024 — Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.4... • https://github.com/10cks/CVE-2024-32002-linux-hulk • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-434: Unrestricted Upload of File with Dangerous Type •