CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56715 – ionic: Fix netdev notifier unregister on failure
https://notcve.org/view.php?id=CVE-2024-56715
In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on failure If register_netdev() fails, then the driver leaks the netdev notifier. Fix this by calling ionic_lif_unregister() on register_netdev() failure. This will also call ionic_lif_unregister_phc() if it has already been registered. • https://git.kernel.org/stable/c/30b87ab4c0b30e0f681cb7dfaab6c642dd17e454 https://git.kernel.org/stable/c/da93a12876f8b969df7316dc93aac7e725f88252 https://git.kernel.org/stable/c/da5736f516a664a9e1ff74902663c64c423045d2 https://git.kernel.org/stable/c/ee2e931b2b46de9af7f681258e8ec8e2cd81cfc6 https://git.kernel.org/stable/c/9590d32e090ea2751e131ae5273859ca22f5ac14 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56712 – udmabuf: fix memory leak on last export_udmabuf() error path
https://notcve.org/view.php?id=CVE-2024-56712
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been created; but the error handling in udmabuf_create() will tear down the udmabuf without doing anything about the containing dma_buf. This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memory leak. Fix it by moving the dma_buf_fd() call out of export_udmabuf() so that we can give it different error handling. Note that the shape of this code changed a lot in commit 5e72b2b41a21 ("udmabuf: convert udmabuf driver to use folios"); but the memory leak seems to have existed since the introduction of udmabuf. • https://git.kernel.org/stable/c/fbb0de795078190a9834b3409e4b009cfb18a6d4 https://git.kernel.org/stable/c/c9fc8428d4255c2128da9c4d5cd92e554d0150cf https://git.kernel.org/stable/c/f49856f525acd5bef52ae28b7da2e001bbe7439e •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56705 – media: atomisp: Add check for rgby_data memory allocation failure
https://notcve.org/view.php?id=CVE-2024-56705
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the assert(host_stats->rgby_data) assertion in ia_css_s3a_hmem_decode(). Adding a check to fix this potential issue. • https://git.kernel.org/stable/c/a49d25364dfb9f8a64037488a39ab1f56c5fa419 https://git.kernel.org/stable/c/0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a https://git.kernel.org/stable/c/4676e50444046b498555b849e6080a5c78cdda9b https://git.kernel.org/stable/c/02a97d9d7ff605fa4a1f908d1bd3ad8573234b61 https://git.kernel.org/stable/c/8066badaf7463194473fb4be19dbe50b11969aa0 https://git.kernel.org/stable/c/74aa783682c4d78c69d87898e40c78df1fec204e https://git.kernel.org/stable/c/0c25ab93f2878cab07d37ca5afd302283201e5af https://git.kernel.org/stable/c/ed61c59139509f76d3592683c90dc3fdc •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56704 – 9p/xen: fix release of IRQ
https://notcve.org/view.php?id=CVE-2024-56704
In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0] • https://git.kernel.org/stable/c/71ebd71921e451f0f942ddfe85d01e31ddc6eb88 https://git.kernel.org/stable/c/692eb06703afc3e24d889d77e94a0e20229f6a4a https://git.kernel.org/stable/c/d74b4b297097bd361b8a9abfde9b521ff464ea9c https://git.kernel.org/stable/c/7f5a2ed5c1810661e6b03f5a4ebf17682cdea850 https://git.kernel.org/stable/c/4950408793b118cb8075bcee1f033b543fb719fa https://git.kernel.org/stable/c/b9e26059664bd9ebc64a0e8f5216266fc9f84265 https://git.kernel.org/stable/c/2bb3ee1bf237557daea1d58007d2e1d4a6502ccf https://git.kernel.org/stable/c/d888f5f5d76b2722c267e6bdf51d445d6 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56703 – ipv6: Fix soft lockups in fib6_select_path under high next hop churn
https://notcve.org/view.php?id=CVE-2024-56703
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the `bird` service, these routers continuously update BGP-advertised routes due to frequently changing nexthop destinations, while also managing significant IPv6 traffic. The lockups occur during the traversal of the multipath circular linked-list in the `fib6_select_path` function, particularly while iterating through the siblings in the list. The issue typically arises when the nodes of the linked list are unexpectedly deleted concurrently on a different core—indicated by their 'next' and 'previous' elements pointing back to the node itself and their reference count dropping to zero. This results in an infinite loop, leading to a soft lockup that triggers a system panic via the watchdog timer. Apply RCU primitives in the problematic code sections to resolve the issue. • https://git.kernel.org/stable/c/66f5d6ce53e665477d2a33e8f539d4fa4ca81c83 https://git.kernel.org/stable/c/11edcd026012ac18acee0f1514db3ed1b160fc6f https://git.kernel.org/stable/c/34a949e7a0869dfa31a40416d2a56973fae1807b https://git.kernel.org/stable/c/d9ccb18f83ea2bb654289b6ecf014fd267cc988b •