CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40940 – net/mlx5: Fix tainted pointer delete is case of flow rules creation fail
https://notcve.org/view.php?id=CVE-2024-40940
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail In case of flow rule creation fail in mlx5_lag_create_port_sel_table(), instead of previously created rules, the tainted pointer is deleted deveral times. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail In case of flow rule creation fail in mlx5_lag_create_port_se... • https://git.kernel.org/stable/c/352899f384d4aefa77ede6310d08c1b515612a8f • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40939 – net: wwan: iosm: Fix tainted pointer delete is case of region creation fail
https://notcve.org/view.php?id=CVE-2024-40939
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create_region(), previously created regions delete process starts from tainted pointer which actually holds error code value. In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ip... • https://git.kernel.org/stable/c/4dcd183fbd67b105decc8be262311937730ccdbf • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40938 – landlock: Fix d_parent walk
https://notcve.org/view.php?id=CVE-2024-40938
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when trying to link a root mount point. ... [mic: Fix commit message] In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when trying to link a root mount point. ... [mic: Fix commit message] Chenyuan Yang discovered that the CE... • https://git.kernel.org/stable/c/b91c3e4ea756b12b7d992529226edce1cfd854d7 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-40937 – gve: Clear napi->skb before dev_kfree_skb_any()
https://notcve.org/view.php?id=CVE-2024-40937
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after it is freed with dev_kfree_skb_any(). ... • https://git.kernel.org/stable/c/9b8dd5e5ea48bbb7532d20c4093a79d8283e4029 •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-40936 – cxl/region: Fix memregion leaks in devm_cxl_add_region()
https://notcve.org/view.php?id=CVE-2024-40936
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the memregion to avoid the memregion leaks. In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region() Move the mode verification to __create_region() before allocating the memregion to avoid the memregion leaks. • https://git.kernel.org/stable/c/6e099264185d05f50400ea494f5029264a4fe995 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40935 – cachefiles: flush all requests after setting CACHEFILES_DEAD
https://notcve.org/view.php?id=CVE-2024-40935
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILES_DEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILES_DEAD, the cachefiles_daemon_write() will always return -EIO, so the daemon can't pass the copen to the kernel. In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILES_DEAD In ondemand mode, wh... • https://git.kernel.org/stable/c/c8383054506c77b814489c09877b5db83fd4abf2 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-40934 – HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()
https://notcve.org/view.php?id=CVE-2024-40934
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path. ... Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://git.kernel.org/stable/c/cf48a7ba5c095f76bb9c1951f120fa048442422f •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-40933 – iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe()
https://notcve.org/view.php?id=CVE-2024-40933
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe() When devm_regmap_init_i2c() fails, regmap_ee could be error pointer, instead of checking for IS_ERR(regmap_ee), regmap is checked which looks like a copy paste error. In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe() When devm_regmap_init_i2c() fails, regmap_ee could ... • https://git.kernel.org/stable/c/a1d1ba5e1c28b9887be1bdb3630caf0b532ec980 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-40932 – drm/exynos/vidi: fix memory leak in .get_modes()
https://notcve.org/view.php?id=CVE-2024-40932
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. ... Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. • https://git.kernel.org/stable/c/540ca99729e28dbe902b01039a3b4bd74520a819 •
CVSS: 9.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-40931 – mptcp: ensure snd_una is properly initialized on connect
https://notcve.org/view.php?id=CVE-2024-40931
12 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). ... A vulnerability was foun... • https://git.kernel.org/stable/c/8fd738049ac3d67a937d36577763b47180aae1ad • CWE-400: Uncontrolled Resource Consumption •