CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42309 – drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes
https://notcve.org/view.php?id=CVE-2024-42309
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_mode_duplicate(). In the Linux kernel, the following vulnerability has been resolved: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes In psb_intel_lvds_get_modes(), the retur... • https://git.kernel.org/stable/c/89c78134cc54dff016c83367912eb055637fa50c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42307 – cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path
https://notcve.org/view.php?id=CVE-2024-42307
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path Dan Carpenter reported a Smack static checker warning: fs/smb/client/cifsfs.c:1981 init_cifs() error: we previously assumed 'serverclose_wq' could be null (see line 1895) The patch which introduced the serverclose workqueue used the wrong oredering in error paths in init_cifs() for freeing it on errors. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/8c99dfb49bdc17edffc7ff3d46b400c8c291686c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-42306 – udf: Avoid using corrupted block bitmap buffer
https://notcve.org/view.php?id=CVE-2024-42306
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruption while loading the bitmap and fail the allocation with error. • https://git.kernel.org/stable/c/7648ea9896b31aff38830d81188f5b7a1773e4a8 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42305 – ext4: check dot and dotdot of dx_root before making dir indexed
https://notcve.org/view.php?id=CVE-2024-42305
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: check dot and dotdot of dx_root before making dir indexed Syzbot reports a issue as follows: ============================================ BUG: unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D 23ffee067 PUD 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 0 PID: 5079 Comm: syz-executor306 Not tainted 6.10.0-rc5-g55027e689933 #0 Call Trace:
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-42304 – ext4: make sure the first directory block is not a hole
https://notcve.org/view.php?id=CVE-2024-42304
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline, i.e. In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole The syzbot constructs a directory that has no dirblock but is non-inline, i.e. the first directory block is a hole. ... • https://git.kernel.org/stable/c/3a17ca864baffc0c6f6e8aad525aa4365775a193 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42303 – media: imx-pxp: Fix ERR_PTR dereference in pxp_probe()
https://notcve.org/view.php?id=CVE-2024-42303
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error. In the Linux kernel, the following vulnerability has been resolved: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() devm_regmap_init_mmio() can fail, add a check and bail out in case of error. • https://git.kernel.org/stable/c/4e5bd3fdbeb3100d1f120999130afb2a7d41d82a •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-42302 – PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal
https://notcve.org/view.php?id=CVE-2024-42302
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot-removal of the same portion of the hierarchy: The dpc_handler() awaits readiness of the secondary bus below the Downstream Port where the DPC event occurred. In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith... • https://git.kernel.org/stable/c/d0292124bb5787a2f1ab1316509e801ca89c10fb •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42301 – dev/parport: fix the array out-of-bounds risk
https://notcve.org/view.php?id=CVE-2024-42301
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring ... • https://git.kernel.org/stable/c/166a0bddcc27de41fe13f861c8348e8e53e988c8 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42300 – erofs: fix race in z_erofs_get_gbuf()
https://notcve.org/view.php?id=CVE-2024-42300
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in z_erofs_get_gbuf() In z_erofs_get_gbuf(), the current task may be migrated to another CPU between `z_erofs_gbuf_id()` and `spin_lock(&gbuf->lock)`. ... In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in z_erofs_get_gbuf() In z_erofs_get_gbuf(), the current task may be migrated to another CPU between `z_erofs_gbuf_id()` and `spin_lock(&gbuf->lock)`. • https://git.kernel.org/stable/c/f36f3010f67611a45d66e773bc91e4c66a9abab5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42299 – fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed
https://notcve.org/view.php?id=CVE-2024-42299
17 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed If an NTFS file system is mounted to another system with different PAGE_SIZE from the original system, log->page_size will change in log_replay(), but log->page_{mask,bits} don't change correspondingly. In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed If an NTFS file system is mou... • https://git.kernel.org/stable/c/b46acd6a6a627d876898e1c84d3f84902264b445 •