CVSS: -EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38602 – ax25: Fix reference count leak issues of ax25_dev
https://notcve.org/view.php?id=CVE-2024-38602
In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issues of ax25_dev The ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference count leak issue of the object "ax25_dev". Memory leak issue in ax25_addr_ax25dev(): The reference count of the object "ax25_dev" can be increased multiple times in ax25_addr_ax25dev(). ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ax25: soluciona problemas de pérdida de recuento de referencias de ax25_dev. • https://git.kernel.org/stable/c/d01ffb9eee4af165d83b08dd73ebdf9fe94a519b https://git.kernel.org/stable/c/ef0a2a0565727a48f2e36a2c461f8b1e3a61922d https://git.kernel.org/stable/c/e2b558fe507a1ed4c43db2b0057fc6e41f20a14c https://git.kernel.org/stable/c/418993bbaafb0cd48f904ba68eeda052d624c821 https://git.kernel.org/stable/c/5ea00fc60676c0eebfa8560ec461209d638bca9d https://git.kernel.org/stable/c/9af0fd5c4453a44c692be0cbb3724859b75d739b https://git.kernel.org/stable/c/ae467750a3765dd1092eb29f58247950a2f9b60c https://git.kernel.org/stable/c/38eb01edfdaa1562fa00429be2e33f453 •
CVSS: 4.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38601 – ring-buffer: Fix a race between readers and resize checks
https://notcve.org/view.php?id=CVE-2024-38601
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rb_get_reader_page() swaps a new reader page into the ring buffer by doing cmpxchg on old->list.prev->next to point it to the new page. ... ret) goto spin; for (unsigned i = 0; i < 1U << 26; i++) /* inserted delay loop */ __asm__ __volatile__ ("" : : : "memory"); rb_list_head(reader->list.next)->prev = &cpu_buffer->reader_page->list; .. ---truncated--- En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ring-buffer: corrige una ejecución entre lectores y cambia el tamaño de las comprobaciones. • https://git.kernel.org/stable/c/659f451ff21315ebfeeb46b9adccee8ce1b52c25 https://git.kernel.org/stable/c/b50932ea673b5a089a4bb570a8a868d95c72854e https://git.kernel.org/stable/c/c68b7a442ee61d04ca58b2b5cb5ea7cb8230f84a https://git.kernel.org/stable/c/1e160196042cac946798ac192a0bc3398f1aa66b https://git.kernel.org/stable/c/595363182f28786d641666a09e674b852c83b4bb https://git.kernel.org/stable/c/54c64967ba5f8658ae7da76005024ebd3d9d8f6e https://git.kernel.org/stable/c/af3274905b3143ea23142bbf77bd9b610c54e533 https://git.kernel.org/stable/c/5ef9e330406d3fb4f4b2c8bca2c6b8a93 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38600 – ALSA: Fix deadlocks with kctl removals at disconnection
https://notcve.org/view.php?id=CVE-2024-38600
In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and do sync for card->power_ref_sleep waiters at the end. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: soluciona interbloqueos con eliminaciones de kctl al desconectar fin. • https://git.kernel.org/stable/c/ff80185e7b7b547a0911fcfc8aefc61c3e8304d7 https://git.kernel.org/stable/c/c2fb439f4f1425a961d20bec818fed2c2d9ef70a https://git.kernel.org/stable/c/2f103287ef7960854808930499d1181bd0145d68 https://git.kernel.org/stable/c/88ce3fe255d58a93624b467af036dc3519f309c7 https://git.kernel.org/stable/c/6b55e879e7bd023a03888fc6c8339edf82f576f4 https://git.kernel.org/stable/c/87988a534d8e12f2e6fc01fe63e6c1925dc5307c •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38599 – jffs2: prevent xattr node from overflowing the eraseblock
https://notcve.org/view.php?id=CVE-2024-38599
In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the xattr nodes aren't split into parts and spread across multiple eraseblocks, which means that a xattr node must not occupy more than one eraseblock. ... entry_SYSCALL_64_after_hwframe+0x76/0x7e [...] Found by Linux Verification Center (linuxtesting.org) with Syzkaller. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: jffs2: evita que el nodo xattr desborde el bloque de borrado. ... Esto rompe el sistema de archivos y puede provocar fallas de KASAN como: ERROR: KASAN: losa fuera de los límites en jffs2_sum_add_kvec+0x125e/0x15d0 Lectura de tamaño 4 en addr ffff88802c31e914 por tarea repro/830 CPU: 0 PID: 830 Comm: repro Not tainted 6.9.0-rc3+ #1 Nombre de hardware: PC estándar QEMU (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 01/04/2014 Seguimiento de llamadas: dump_stack_lvl+0xc6/0x120 print_report+0xc4/0x620 ? ... Encontrado por el Centro de verificación de Linux (linuxtesting.org) con Syzkaller. • https://git.kernel.org/stable/c/aa98d7cf59b5b0764d3502662053489585faf2fe https://git.kernel.org/stable/c/2904e1d9b64f72d291095e3cbb31634f08788b11 https://git.kernel.org/stable/c/526235dffcac74c7823ed504dfac4f88d84ba5df https://git.kernel.org/stable/c/f0eea095ce8c959b86e1e57fe36ca4fea5ae54f8 https://git.kernel.org/stable/c/a1d21bcd78cf4a4353e1e835789429c6b76aca8b https://git.kernel.org/stable/c/f06969df2e40ab1dc8f4364a5de967830c74a098 https://git.kernel.org/stable/c/af82d8d2179b7277ad627c39e7e0778f1c86ccdb https://git.kernel.org/stable/c/8d431391320c5c5398ff966fb3a95e68a •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38598 – md: fix resync softlockup when bitmap size is less than array size
https://notcve.org/view.php?id=CVE-2024-38598
In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s! ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: md: corrige el bloqueo suave de resincronización cuando el tamaño del mapa de bits es menor que el tamaño de la matriz. • https://git.kernel.org/stable/c/374fb914304d9b500721007f3837ea8f1f9a2418 https://git.kernel.org/stable/c/b0b971fe7d61411ede63c3291764dbde1577ef2c https://git.kernel.org/stable/c/39fa14e824acfd470db4f42c354297456bd82b53 https://git.kernel.org/stable/c/a134dd582c0d5b6068efa308bd485cf1d00b3f65 https://git.kernel.org/stable/c/be1a3ec63a840cc9e59a033acf154f56255699a1 https://git.kernel.org/stable/c/301867b1c16805aebbc306aafa6ecdc68b73c7e5 https://git.kernel.org/stable/c/152bb26796ff054af50b2ee1b3ca56e364e4f61b https://git.kernel.org/stable/c/bea301c046110bf421a3ce153fb868cb8 • CWE-667: Improper Locking •