CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56714 – ionic: no double destroy workqueue
https://notcve.org/view.php?id=CVE-2024-56714
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more than once, so let's be sure we're checking for that. The case where this popped up was in an AER event where the handlers got called in such a way that ionic_reset_prepare() and thus ionic_dev_teardown() got called twice in a row. The second time through the workqueue was already destroyed, and destroy_workqueu... • https://git.kernel.org/stable/c/9e25450da7006cd6f425248a5b38dad4adb3c981 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56713 – net: netdevsim: fix nsim_pp_hold_write()
https://notcve.org/view.php?id=CVE-2024-56713
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsim_pp_hold_write() nsim_pp_hold_write() has two problems: 1) It may return with rtnl held, as found by syzbot. 2) Its return value does not propagate an error if any. • https://git.kernel.org/stable/c/1580cbcbfe770b0a7fb76735c1a601483335c1c2 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56712 – udmabuf: fix memory leak on last export_udmabuf() error path
https://notcve.org/view.php?id=CVE-2024-56712
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been created; but the error handling in udmabuf_create() will tear down the udmabuf without doing anything about the containing dma_buf. This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memor... • https://git.kernel.org/stable/c/fbb0de795078190a9834b3409e4b009cfb18a6d4 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56711 – drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference
https://notcve.org/view.php?id=CVE-2024-56711
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference drm_mode_duplicate() could return NULL due to lack of memory, which will then call NULL pointer dereference. Add a check to prevent it. • https://git.kernel.org/stable/c/0ef94554dc40fbdb7e57ff90cd1e7fa71e1e89fd •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56710 – ceph: fix memory leak in ceph_direct_read_write()
https://notcve.org/view.php?id=CVE-2024-56710
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of sparse_ext map until after the bvecs array is set up, so fix this by moving sparse_ext allocation a bit earlier. Also, make a similar adjustment in __ceph_sync_read() for consistency (a leak of the same kind in __... • https://git.kernel.org/stable/c/03bc06c7b0bd8d86b9f17f459acaeb1283ba2700 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56709 – io_uring: check if iowq is killed before queuing
https://notcve.org/view.php?id=CVE-2024-56709
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, whether it's the final task_work run or the fallback path. In this case, task work will find ->io_wq being already killed and null'ed, which is a problem if it then tries to forward the request to io_queue_iowq(). Make io_queue_iowq() fail requests in this case. Note that it also checks PF_KTHREAD, because the ... • https://git.kernel.org/stable/c/773af69121ecc6c53d192661af8d53bb3db028ae •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56708 – EDAC/igen6: Avoid segmentation fault on module unload
https://notcve.org/view.php?id=CVE-2024-56708
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unload The segmentation fault happens because: During modprobe: 1. In igen6_probe(), igen6_pvt will be allocated with kzalloc() 2. In igen6_register_mci(), mci->pvt_info will point to &igen6_pvt->imc[mc] During rmmod: 1. In mci_release() in edac_mc.c, it will kfree(mci->pvt_info) 2. In igen6_remove(), it will kfree(igen6_pvt); Fix this issue by setting mci->pvt_info to NULL to avoid the... • https://git.kernel.org/stable/c/10590a9d4f23e0a519730d79d39331df60ad2079 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56707 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c
https://notcve.org/view.php?id=CVE-2024-56707
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c Add error pointer checks after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/79d2be385e9eabe4403eb85bcc7d3efc6b936a76 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56705 – media: atomisp: Add check for rgby_data memory allocation failure
https://notcve.org/view.php?id=CVE-2024-56705
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the assert(host_stats->rgby_data) assertion in ia_css_s3a_hmem_decode(). Adding a check to fix this potential issue. • https://git.kernel.org/stable/c/a49d25364dfb9f8a64037488a39ab1f56c5fa419 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56704 – 9p/xen: fix release of IRQ
https://notcve.org/view.php?id=CVE-2024-56704
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0] • https://git.kernel.org/stable/c/71ebd71921e451f0f942ddfe85d01e31ddc6eb88 •