
CVE-2024-39463 – 9p: add missing locking around taking dentry fid list
https://notcve.org/view.php?id=CVE-2024-39463
25 Jun 2024 — An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the p9_fid object. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. ... A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/154372e67d4053e56591245eb413686621941333 • CWE-416: Use After Free •

CVE-2024-39462 – clk: bcm: dvp: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39462
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 • CWE-400: Uncontrolled Resource Consumption •

CVE-2024-39461 – clk: bcm: rpi: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39461
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 •

CVE-2024-39371 – io_uring: check for non-NULL file pointer in io_file_can_poll()
https://notcve.org/view.php?id=CVE-2024-39371
25 Jun 2024 — The trace leading to that looks as follows:

    BUG: kernel NULL pointer dereference, address: 00000000000000b0
    PGD 0 P4D 0
    Oops: 0000 [#1] PREEMPT SMP
    CPU: 67 PID: 1633 Comm: buf-ring-invali Not tainted 6.8.0-rc3+ #1
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 2/2/2022
    RIP: 0010:io_buffer_select+0xc3/0x210
    Code: 00 00 48 39 d1 0f 82 ae 00 00 00 48 81 4b 48 00 00 01 00 48 89 73 70 0f b7 50 0c 66 89 53 42 85 ed 0f 85 d2 00 00 00 48 8b 13 <48> 8b 92 b0 00 00 00 48 83 7a 40 00 0f 84 ...

• https://git.kernel.org/stable/c/a76c0b31eef50fdb8b21d53a6d050f59241fb88e •

CVE-2024-39298 – mm/memory-failure: fix handling of dissolved but not taken off from buddy pages
https://notcve.org/view.php?id=CVE-2024-39298
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/ceaf8fbea79a854373b9fc03c9fde98eb8712725 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVE-2024-39296 – bonding: fix oops during rmmod
https://notcve.org/view.php?id=CVE-2024-39296
25 Jun 2024 — Here are the relevant functions being called:

    bonding_exit()
    bond_destroy_debugfs()
    debugfs_remove_recursive(bonding_debug_root);
    bonding_debug_root = NULL; <--------- SET TO NULL HERE
    bond_netlink_fini()
    rtnl_link_unregister()
    __rtnl_link_unregister()
    unregister_netdevice_many_notify()
    bond_uninit()
    bond_debug_unregister() (commit removed check for bonding_debug_root == NULL)
    debugfs_remove()
    simple_recursive_removal()
    down_write() -> OOPS

However, reverting the bad commit does not solve the problem comple... • https://git.kernel.org/stable/c/cc317ea3d9272fab4f6fef527c865f30ca479394 •

CVE-2024-39276 – ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find()
https://notcve.org/view.php?id=CVE-2024-39276
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/b878c8a7f08f0c225b6a46ba1ac867e9c5d17807 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •

CVE-2024-38385 – genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()
https://notcve.org/view.php?id=CVE-2024-38385
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/721255b9826bd11c7a38b585905fc2dd0fb94e52 •

CVE-2024-38306 – btrfs: protect folio::private when attaching extent buffer folios
https://notcve.org/view.php?id=CVE-2024-38306
25 Jun 2024 — [FIX] Move all the code requiring i_private_lock into attach_eb_folio_to_filemap(), so that everything is done with proper lock protection. ... The reproducer that is able to hit the race (takes a few minutes with instrumented code inserting delays to alloc_extent_buffer()): #!... • https://git.kernel.org/stable/c/09e6cef19c9fc0e10547135476865b5272aa0406 •

CVE-2024-37354 – btrfs: fix crash on racing fsync and size-extending write into prealloc
https://notcve.org/view.php?id=CVE-2024-37354
25 Jun 2024 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/1ff2bd566fbcefcb892be85c493bdb92b911c428 •