CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-38577 – rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
https://notcve.org/view.php?id=CVE-2024-38577
19 Jun 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/edf3775f0ad66879796f594983163f672c4bf1a2 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38576 – rcu: Fix buffer overflow in print_cpu_stall_info()
https://notcve.org/view.php?id=CVE-2024-38576
19 Jun 2024 — This is intentional for debugging purposes, but it is not obvious from the code. ... This is intentional for debugging purposes, but it is not obvious from the code. ... A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/245a62982502255314b63dd2c4daaedd1cd595a6 • CWE-121: Stack-based Buffer Overflow •
CVSS: 4.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38575 – wifi: brcmfmac: pcie: handle randbuf allocation failure
https://notcve.org/view.php?id=CVE-2024-38575
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/c35105f375b530bc27e03ea9250b1c26dd4cae86 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38574 – libbpf: Prevent null-pointer dereference when prog to load has no BTF
https://notcve.org/view.php?id=CVE-2024-38574
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/df7c3f7d3a3ddab31ca8cfa9b86a8729ec43fd2e •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38570 – gfs2: Fix potential glock use-after-free on unmount
https://notcve.org/view.php?id=CVE-2024-38570
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/fb6791d100d1bba20b5cdbc4912e1f7086ec60f8 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38569 – drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group
https://notcve.org/view.php?id=CVE-2024-38569
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/8404b0fbc7fbd42e5c5d28cdedd450e70829c77a •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38568 – drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group
https://notcve.org/view.php?id=CVE-2024-38568
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/66637ab137b44914356a9dc7a9b3f8ebcf0b0695 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38566 – bpf: Fix verifier assumptions about socket->sk
https://notcve.org/view.php?id=CVE-2024-38566
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/6fcd486b3a0a628c41f12b3a7329a18a2c74b351 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38563 – wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature
https://notcve.org/view.php?id=CVE-2024-38563
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/6879b2e94172ed80394dd49d410814ad427d1ca0 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38562 – wifi: nl80211: Avoid address calculations via out of bounds array indexing
https://notcve.org/view.php?id=CVE-2024-38562
19 Jun 2024 — A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. • https://git.kernel.org/stable/c/e3eac9f32ec04112b39e01b574ac739382469bf9 • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •