CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53076 – iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table()
https://notcve.org/view.php?id=CVE-2024-53076
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() If per_time_scales[i] or per_time_gains[i] kcalloc fails in the for loop of iio_gts_build_avail_scale_table(), the err_free_out will fail to call kfree() each time when i is reduced to 0, so all the per_time_scales[0] and per_time_gains[0] will not be freed, which will cause memory leaks. Fix it by checking if i >= 0. In the Linux kernel, the following... • https://git.kernel.org/stable/c/38416c28e16890b52fdd5eb73479299ec3f062f3 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53075 – riscv: Prevent a bad reference count on CPU nodes
https://notcve.org/view.php?id=CVE-2024-53075
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the very beginning. But when ACPI is enabled we go through a specific branch which returns early and does not call 'of_node_put' for the node that was acquired. Since we are not using a CPU device node for the ACPI code anyways, we can simply move the initialization of it just passed the ACPI block, and we are guarante... • https://git.kernel.org/stable/c/604f32ea6909b0ebb8ab0bf1ab7dc66ee3dc8955 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53074 – wifi: iwlwifi: mvm: don't leak a link on AP removal
https://notcve.org/view.php?id=CVE-2024-53074
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. This impacted devices that do not support the MLD API (9260 and down). On those devices, we couldn't start the AP again after the AP has been already started and stopped. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. Thi... • https://git.kernel.org/stable/c/a8b5d4809b503da668966a8187b9872e6c85291c •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53073 – NFSD: Never decrement pending_async_copies on error
https://notcve.org/view.php?id=CVE-2024-53073
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), which already decrements nn->pending_async_copies. In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), which already decrements nn->pending_async_copies. • https://git.kernel.org/stable/c/6a488ad7745b8f64625c6d3a24ce7e448e83f11b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53072 – platform/x86/amd/pmc: Detect when STB is not available
https://notcve.org/view.php?id=CVE-2024-53072
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in the following messages in the kernel ring buffer: amd_pmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on RAM at 0x0000000000000000 - 0x0000000000ffffff WARNING: CPU: 10 PID: 2151 at arch/x86/mm/ioremap.c:217 __ioremap_caller+0x2cd/0x340 Further debugging reveals that this occurs when the requests for S2D_PHYS_ADDR_L... • https://git.kernel.org/stable/c/3d7d407dfb05b257e15cb0c6b056428a4a8c2e5d •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53071 – drm/panthor: Be stricter about IO mapping flags
https://notcve.org/view.php?id=CVE-2024-53071
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. For mapping DRM_PANTHOR_USER_FLUSH_ID_MMIO_OFFSET, panthor_device_mmap_io() bails if VM_WRITE is set, but does not clear VM_MAYWRITE. That means userspace can use mprotect() to make the mapping writable later on. This is a classic Linux driver gotcha. I don't think this actually has any impact in practice: When the GPU is p... • https://git.kernel.org/stable/c/5fe909cae118a757a77afb37174b99436a36d2e2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53070 – usb: dwc3: fix fault at system suspend if device was already runtime suspended
https://notcve.org/view.php?id=CVE-2024-53070
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. Also we cannot access any registers after dwc3_core_exit() on some platforms so move the dwc3_enable_susphy() call to the top. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if... • https://git.kernel.org/stable/c/073530898ebf44a9418434e899cfa9ca86945333 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53069 – firmware: qcom: scm: fix a NULL-pointer dereference
https://notcve.org/view.php?id=CVE-2024-53069
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). Make sure we don't dereference a NULL pointer. In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have be... • https://git.kernel.org/stable/c/449d0d84bcd8246b508d07995326d13c54488b8c •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53068 – firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
https://notcve.org/view.php?id=CVE-2024-53068
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev->name is released prematurely in __scmi_device_destroy(), which causes slab-use-after-free when accessing scmi_dev->name in scmi_bus_notifier(). So move the release of scmi_dev->name to scmi_device_release() to avoid slab-use-after-free. | BUG: KASAN: slab-use-after-free in strncmp+0xe4/0xec | Read of size 1 at addr ffffff80a482bcc0 by task swapper/0/1 | | CPU: ... • https://git.kernel.org/stable/c/ee7a9c9f67c59008b330deff2762bd8cf1407eec •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53067 – scsi: ufs: core: Start the RTC update work later
https://notcve.org/view.php?id=CVE-2024-53067
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized. This patch fixes the following kernel crash: Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Workqueue: events ufshcd_rtc_work Call trace: _raw_spin_lock_irqsave+0x34/0x8c (P) pm_runtime_get_if_active+0x24/... • https://git.kernel.org/stable/c/6bf999e0eb41850d5c857102535d5c53b2ede224 •