CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53050 – drm/i915/hdcp: Add encoder check in hdcp2_get_capability
https://notcve.org/view.php?id=CVE-2024-53050
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error. • https://git.kernel.org/stable/c/5b89dcf23575eb5bb95ce8d672cbc2232c2eb096 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53049 – slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof
https://notcve.org/view.php?id=CVE-2024-53049
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The root cause is that __kmalloc_cache_noprof was directly used, which resulted in no alloc_tag being allocated. This caused current->alloc_tag to be null, leading to a warning in alloc_tag_add_check. Let's add an alloc_hook layer to __kmalloc_cache_noprof specifically within lib/slub_kunit.c, which is the only user... • https://git.kernel.org/stable/c/a0a44d9175b349df2462089140fb7f292100bd7c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53048 – ice: fix crash on probe for DPLL enabled E810 LOM
https://notcve.org/view.php?id=CVE-2024-53048
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Intel provides the reference design, but it is up to vendor on the final product design. For some cases, like Linux DPLL support, the static values defined in the driver does not reflect the actual LOM design. Current implementation of dpll pins is causing the crash on probe of the ice driver for such DPLL enabled E810 LOM design... • https://git.kernel.org/stable/c/d7999f5ea64bb10d2857b8cbfe973be373bac7c9 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53047 – mptcp: init: protect sched with rcu_read_lock
https://notcve.org/view.php?id=CVE-2024-53047
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcu_read_lock Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc2+ #11 Not tainted ----------------------------- net/mptcp/sched.c:44 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_lo... • https://git.kernel.org/stable/c/1730b2b2c5a5a886007b247366aebe0976dc8881 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53046 – arm64: dts: imx8ulp: correct the flexspi compatible string
https://notcve.org/view.php?id=CVE-2024-53046
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: [ 1.119072] ------------[ cut here ]------------ [ 1.123926] WARNING: CPU: 0 PID: 1 at drivers/spi/spi-nxp-fspi.c:855 nxp_fspi_exec_op+0xb04/0xb64 [ 1.133239] Modules linked in: [ 1.136448] CPU: 0 UID: 0 PID: 1 Comm: swapper/... • https://git.kernel.org/stable/c/ef89fd56bdfcf5d8039bb64c76d2f8c9ac908ca7 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53045 – ASoC: dapm: fix bounds checker error in dapm_widget_list_create
https://notcve.org/view.php?id=CVE-2024-53045
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapm_widget_list_create The widgets array in the snd_soc_dapm_widget_list has a __counted_by attribute attached to it, which points to the num_widgets variable. This attribute is used in bounds checking, and if it is not set before the array is filled, then the bounds sanitizer will issue a warning or a kernel panic if CONFIG_UBSAN_TRAP is set. This patch sets the size of the widgets list calculate... • https://git.kernel.org/stable/c/80e698e2df5ba2124bdeca37f1e589de58a4d514 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53044 – net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext()
https://notcve.org/view.php?id=CVE-2024-53044
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 egress_block 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block index to be set for both ingress and egress. [ side note, I don't think it even failed prior to commit 913b47d3424e ("net/sched: Introduce tc block netdev tracking infra"), because this is a comma... • https://git.kernel.org/stable/c/94e2557d086ad831027c54bc9c2130d337c72814 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53043 – mctp i2c: handle NULL header address
https://notcve.org/view.php?id=CVE-2024-53043
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is transmitted by a different protocol. • https://git.kernel.org/stable/c/f5b8abf9fc3dacd7529d363e26fe8230935d65f8 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-53042 – ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
https://notcve.org/view.php?id=CVE-2024-53042
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [1]. Fix by using l3mdev_master_upper_ifindex_by_index() which will acquire the RCU read lock before calling l3mdev_master_upper_ifindex_by_index_rcu(). [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gac8f72681cf2 #141 Not tai... • https://git.kernel.org/stable/c/ab6c9463b137163ba53fc050bf2c72bed2c997b8 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50304 – ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
https://notcve.org/view.php?id=CVE-2024-50304
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex is taken. Add a lockdep expression to hlist_for_each_entry_rcu() in ip_tunnel_find() in order to validate that the mutex is held and to silence the suspicious RCU usage warning [1]. [1] WARNING: suspicious RCU usage 6.12.0-rc3-cus... • https://git.kernel.org/stable/c/c54419321455631079c7d6e60bc732dd0c5914c5 •