CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56722 – RDMA/hns: Fix cpu stuck caused by printings during reset
https://notcve.org/view.php?id=CVE-2024-56722
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. ... • https://git.kernel.org/stable/c/9a4435375cd151e07c0c38fa601b00115986091b • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56721 – x86/CPU/AMD: Terminate the erratum_1386_microcode array
https://notcve.org/view.php?id=CVE-2024-56721
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microcode array requires an empty entry at the end. In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ended. ... A flaw was found in ... • https://git.kernel.org/stable/c/29ba89f1895285f06c333546882e0c5ae9a6df23 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56720 – bpf, sockmap: Several fixes to bpf_msg_pop_data
https://notcve.org/view.php?id=CVE-2024-56720
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. ... In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. ... Michael Randriananten... • https://git.kernel.org/stable/c/7246d8ed4dcce23f7509949a77be15fa9f0e3d28 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56719 – net: stmmac: fix TSO DMA API usage causing oops
https://notcve.org/view.php?id=CVE-2024-56719
29 Dec 2024 — Full details of the crashes can be found at: https://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/ https://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/ In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data") moved the assignment of tx_skbuff_dma[]'s members to be later in stmmac_tso_xmit... • https://git.kernel.org/stable/c/07c9c26e37542486e34d767505e842f48f29c3f6 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56718 – net/smc: protect link down work from execute after lgr freed
https://notcve.org/view.php?id=CVE-2024-56718
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. ... __kthread_bind_mask+0x60/0x60 ret_from_fork+0x1f/0x30 In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed,... • https://git.kernel.org/stable/c/541afa10c126b6c22c2a805a559c70cc41fd156e •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56717 – net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic()
https://notcve.org/view.php?id=CVE-2024-56717
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() Packets injected by the CPU should have a SRC_PORT field equal to the CPU port module index in the Analyzer block (ocelot->num_phys_ports). In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() Packets injected by the CPU should have a SRC_PORT field equal to ... • https://git.kernel.org/stable/c/06bcb9032e05ad717f9fd0a6e2fd3ae7f430fa31 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56716 – netdevsim: prevent bad user input in nsim_dev_health_break_write()
https://notcve.org/view.php?id=CVE-2024-56716
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: netdevsim: prevent bad user input in nsim_dev_health_break_write() If either a zero count or a large one is provided, kernel can crash. Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/82c93a87bf8bc0cdb5ec2ab99da7d87715ff889f • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56715 – ionic: Fix netdev notifier unregister on failure
https://notcve.org/view.php?id=CVE-2024-56715
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on failure If register_netdev() fails, then the driver leaks the netdev notifier. In the Linux kernel, the following vulnerability has been resolved: ionic: Fix netdev notifier unregister on failure If register_netdev() fails, then the driver leaks the netdev notifier. Fix this by calling ionic_lif_unregister() on register_netdev() failure. ... • https://git.kernel.org/stable/c/30b87ab4c0b30e0f681cb7dfaab6c642dd17e454 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56714 – ionic: no double destroy workqueue
https://notcve.org/view.php?id=CVE-2024-56714
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more than once, so let's be sure we're checking for that. In the Linux kernel, the following vulnerability has been resolved: ionic: no double destroy workqueue There are some FW error handling paths that can cause us to try to destroy the workqueue more than once, so let's be sure we're checking for that... • https://git.kernel.org/stable/c/9e25450da7006cd6f425248a5b38dad4adb3c981 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56713 – net: netdevsim: fix nsim_pp_hold_write()
https://notcve.org/view.php?id=CVE-2024-56713
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsim_pp_hold_write() nsim_pp_hold_write() has two problems: 1) It may return with rtnl held, as found by syzbot. 2) Its return value does not propagate an error if any. Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/1580cbcbfe770b0a7fb76735c1a601483335c1c2 •