CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53086 – drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL
https://notcve.org/view.php?id=CVE-2024-53086
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. (cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095) • https://git.kernel.org/stable/c/58480c1c912ff8146d067301a0d04cca318b4a66 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53085 – tpm: Lock TPM chip in tpm_pm_suspend() first
https://notcve.org/view.php?id=CVE-2024-53085
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is in progress. The recent bug report gives also evidence of this behaviour. Aadress this by locking the TPM chip before checking any chip->flags both in tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED check inside tp... • https://git.kernel.org/stable/c/99d46450625590d410f86fe4660a5eff7d3b8343 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53084 – drm/imagination: Break an object reference loop
https://notcve.org/view.php?id=CVE-2024-53084
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with each object (or set of objects) referencing the object below it: PVR GEM Object GPU scheduler "finished" fence GPU scheduler “scheduled” fence PVR driver “done” fence PVR Context PVR VM Context PVR VM Mappings PVR GEM... • https://git.kernel.org/stable/c/4babef0708656c54e67ee0ee3994ee98898f51d1 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53083 – usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier
https://notcve.org/view.php?id=CVE-2024-53083
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len and txbuf_len are uninitialized. This commit stops to print uninitialized value and misleading/false data. In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len and txbuf_len... • https://git.kernel.org/stable/c/a4422ff221429c600c3dc5d0394fb3738b89d040 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53082 – virtio_net: Add hash_key_length check
https://notcve.org/view.php?id=CVE-2024-53082
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key. In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key. • https://git.kernel.org/stable/c/c7114b1249fa3b5f3a434606ba4cc89c4a27d618 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53081 – media: ar0521: don't overflow when checking PLL values
https://notcve.org/view.php?id=CVE-2024-53081
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64. In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ... • https://git.kernel.org/stable/c/852b50aeed153b513c0b36298559114fab0fab80 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-53080 – drm/panthor: Lock XArray when getting entries for the VM
https://notcve.org/view.php?id=CVE-2024-53080
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 ("drm/panthor: Fix race when converting group handle to group object") we need to use the XArray's internal locking when retrieving a vm pointer from there. v2: Removed part of the patch that was trying to protect fetching the heap pointer from XArray, as that operation is protected by the @pool->lock. In the Linux kernel, the following vulnerability has... • https://packetstorm.news/files/id/183177 •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53079 – mm/thp: fix deferred split unqueue naming and locking
https://notcve.org/view.php?id=CVE-2024-53079
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing list_del corruptions, "Bad page state"s and worse (I keep BUGs in both of those, so usually don't get to see how badly they end up without). The relevant recent changes being 6.8's mTHP, 6.10's mTHP swapout, and 6.12's mTHP swapin, improved swap allocation, and underus... • https://git.kernel.org/stable/c/87eaceb3faa59b9b4d940ec9554ce251325d83fe •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53078 – drm/tegra: Fix NULL vs IS_ERR() check in probe()
https://notcve.org/view.php?id=CVE-2024-53078
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs IS_ERR() check in probe() The iommu_paging_domain_alloc() function doesn't return NULL pointers, it returns error pointers. Update the check to match. In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs IS_ERR() check in probe() The iommu_paging_domain_alloc() function doesn't return NULL pointers, it returns error pointers. Update the check to match. • https://git.kernel.org/stable/c/45c690aea8ee5b7d012cd593bd288540a4bfdbf0 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53077 – rpcrdma: Always release the rpcrdma_device's xa_array
https://notcve.org/view.php?id=CVE-2024-53077
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have a matching xa_destroy() in rpcrdma_remove_one() to release underlying memory that the xarray might have accrued during operation. In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() ... • https://git.kernel.org/stable/c/7e86845a0346efc95fddaa97ce5cd6a8bda8c71c •