CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42225 – wifi: mt76: replace skb_put with skb_put_zero
https://notcve.org/view.php?id=CVE-2024-42225
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing uninitialized data • https://git.kernel.org/stable/c/dc7f14d00d0c4c21898f3504607f4a31079065a2 https://git.kernel.org/stable/c/22ea2a7f0b64d323625950414a4496520fb33657 https://git.kernel.org/stable/c/ff6b26be13032c5fbd6b6a0b24358f8eaac4f3af https://git.kernel.org/stable/c/64f86337ccfe77fe3be5a9356b0dabde23fbb074 https://git.kernel.org/stable/c/7f819a2f4fbc510e088b49c79addcf1734503578 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42224 – net: dsa: mv88e6xxx: Correct check for empty list
https://notcve.org/view.php?id=CVE-2024-42224
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 ("net: dsa: mv88e6xxx: Support multiple MDIO busses") mv88e6xxx_default_mdio_bus() has checked that the return value of list_first_entry() is non-NULL. This appears to be intended to guard against the list chip->mdios being empty. However, it is not the correct check as the implementation of list_first_entry is not designed to return NULL for empty lists. Instead, use list_first_entry_or_null() which does return NULL if the list is empty. Flagged by Smatch. Compile tested only. • https://git.kernel.org/stable/c/47d28dde172696031c880c5778633cdca30394ee https://git.kernel.org/stable/c/3bf8d70e1455f87856640c3433b3660a31001618 https://git.kernel.org/stable/c/2a2fe25a103cef73cde356e6d09da10f607e93f5 https://git.kernel.org/stable/c/8c2c3cca816d074c75a2801d1ca0dea7b0148114 https://git.kernel.org/stable/c/aa03f591ef31ba603a4a99d05d25a0f21ab1cd89 https://git.kernel.org/stable/c/3f25b5f1635449036692a44b771f39f772190c1d https://git.kernel.org/stable/c/f75625db838ade28f032dacd0f0c8baca42ecde4 https://git.kernel.org/stable/c/4c7f3950a9fd53a62b156c0fe7c3a2c43 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42223 – media: dvb-frontends: tda10048: Fix integer overflow
https://notcve.org/view.php?id=CVE-2024-42223
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations. • https://git.kernel.org/stable/c/8167e4d7dc086d4f7ca7897dcff3827e4d22c99a https://git.kernel.org/stable/c/5c72587d024f087aecec0221eaff2fe850d856ce https://git.kernel.org/stable/c/e1ba22618758e95e09c9fd30c69ccce38edf94c0 https://git.kernel.org/stable/c/bd5620439959a7e02012588c724c6ff5143b80af https://git.kernel.org/stable/c/1663e2474e4d777187d749a5c90ae83232db32bd https://git.kernel.org/stable/c/8ac224e9371dc3c4eb666033e6b42d05cf5184a1 https://git.kernel.org/stable/c/1121d8a5c6ed6b8fad492e43b63b386cb6a3a9d8 https://git.kernel.org/stable/c/1aa1329a67cc214c3b7bd2a14d1301a79 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42162 – gve: Account for stopped queues when reading NIC stats
https://notcve.org/view.php?id=CVE-2024-42162
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gve_get_ethtool_stats might make an invalid access on the priv->stats_report->stats array. • https://git.kernel.org/stable/c/32675d828c8a392e20d5b42375ed112c407e4b62 https://git.kernel.org/stable/c/af9bcf910b1f86244f39e15e701b2dc564b469a6 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42161 – bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
https://notcve.org/view.php?id=CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_READ_BITFIELD macro, defined in bpf_core_read.h as: [...] unsigned long long val; \ [...] \ switch (__CORE_RELO(s, field, BYTE_SIZE)) { \ case 1: val = *(const unsigned char *)p; break; \ case 2: val = *(const unsigned short *)p; break; \ case 4: val = *(const unsigned int *)p; break; \ case 8: val = *(const unsigned long long *)p; break; \ } \ [...] val; \ } \ This patch adds a default entry in the switch statement that sets `val' to zero in order to avoid the warning, and random values to be used in case __builtin_preserve_field_info returns unexpected values for BPF_FIELD_BYTE_SIZE. Tested in bpf-next master. No regressions. • https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 https://git.kernel.org/stable/c/3364c2ed1c241989847f19cf83e3db903ce689e3 https://git.kernel.org/stable/c/a21d76bd0b0d39518e9a4c19f6cf7c042a974aff https://git.kernel.org/stable/c/7e5471b5efebc30dd0bc035cda86693a5c73d45f https://git.kernel.org/stable/c/ff941a8449e712eaf7efca1a13bfb9afd3d99fc2 https://git.kernel.org/stable/c/009367099eb61a4fc2af44d4eb06b6b4de7de6db •