CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47735 – RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled
https://notcve.org/view.php?id=CVE-2024-47735
21 Oct 2024 — Call trace: warn_bogus_irq_restore+0x30/0x40 _raw_spin_unlock_irqrestore+0x84/0xc8 add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2] hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2] hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2] create_qp+0x138/0x258 ib_create_qp_kernel+0x50/0xe8 create_mad_qp+0xa8/0x128 ib_mad_port_open+0x218/0x448 ib_mad_init_device+0x70/0x1f8 add_client_context+0xfc/0x220 enable_device_and_get+0xd0/0x140 ib_register_device.part.0+0xf4/0x1c8 ib_register_device+0x34/0x50 hns_ro... • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47734 – bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
https://notcve.org/view.php?id=CVE-2024-47734
21 Oct 2024 — [1] Steps to reproduce: # Needs tx_xdp with return XDP_TX; ip l add veth0 type veth peer veth1 ip l add veth3 type veth peer veth4 ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default ip l set veth0 master bond1 ip l set bond1 up # Increases bpf_master_redirect_enabled_key ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx ip l set veth3 master bond0 ip l set bond0 up ip l set veth4 up # Triggers WARN_ON_ONCE() from the xdp_mast... • https://git.kernel.org/stable/c/9e2ee5c7e7c35d195e2aa0692a7241d47a433d1e •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47733 – netfs: Delete subtree of 'fs/netfs' when netfs module exits
https://notcve.org/view.php?id=CVE-2024-47733
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: netfs: Delete subtree of 'fs/netfs' when netfs module exits In netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs', but in netfs_exit(), we only delete the proc entry of 'fs/netfs' without deleting its subtree. In the Linux kernel, the following vulnerability has been resolved: netfs: Delete subtree of 'fs/netfs' when netfs module exits In netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs... • https://git.kernel.org/stable/c/7eb5b3e3a0a55f2d166ca949ef47ca6e0c704aab •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47732 – crypto: iaa - Fix potential use after free bug
https://notcve.org/view.php?id=CVE-2024-47732
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it iss passed to iaa_compression_modes[i]->free() a few lines later resulting in a use after free. ... But, with this fix, when something does implement it, we'll be ready. :) In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug T... • https://git.kernel.org/stable/c/b190447e0fa3ef7355480d641d078962e03768b4 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47731 – drivers/perf: Fix ali_drw_pmu driver interrupt status clearing
https://notcve.org/view.php?id=CVE-2024-47731
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing The alibaba_uncore_pmu driver forgot to clear all interrupt status in the interrupt processing function. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing The alibaba_uncore_pmu driver forgot to clear all interrupt status in the interrupt processing function. ... • https://git.kernel.org/stable/c/cf7b61073e4526caa247616f6fbb174cbd2a5366 •
CVSS: 9.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47730 – crypto: hisilicon/qm - inject error before stopping queue
https://notcve.org/view.php?id=CVE-2024-47730
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. ... • https://git.kernel.org/stable/c/6c6dd5802c2d6769fa589c0e8de54299def199a7 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47729 – drm/xe: Use reserved copy engine for user binds on faulting devices
https://notcve.org/view.php?id=CVE-2024-47729
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use reserved copy engine for user binds on faulting devices User binds map to engines with can fault, faults depend on user binds completion, thus we can deadlock. ... While we are here, normalize bind queue creation with a helper. v2: - Pass in extensions to bind queue creation (CI) v3: - s/resevered/reserved (Lucas) - Fix NULL hwe check (Jonathan) In the Linux kernel, the following vulnerability has been resolved: dr... • https://git.kernel.org/stable/c/dd08ebf6c3525a7ea2186e636df064ea47281987 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47728 – bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error
https://notcve.org/view.php?id=CVE-2024-47728
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as inpu... • https://git.kernel.org/stable/c/d7a4cb9b6705a89937d12c8158a35a3145dc967a •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47727 – x86/tdx: Fix "in-kernel MMIO" check
https://notcve.org/view.php?id=CVE-2024-47727
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. ... In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. ... Michael Randria... • https://git.kernel.org/stable/c/31d58c4e557d46fa7f8557714250fb6f89c941ae •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47726 – f2fs: fix to wait dio completion
https://notcve.org/view.php?id=CVE-2024-47726
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the bl... • https://git.kernel.org/stable/c/98e4da8ca301e062d79ae168c67e56f3c3de3ce4 •