CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46832 – MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed
https://notcve.org/view.php?id=CVE-2024-46832
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed This avoids warning: [ 0.118053] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283 Caused by get_c0_compare_int on secondary CPU. We also skipped saving IRQ number to struct clock_event_device *cd as it's never used by clockevent core, as per comments it's only meant for "non CPU local devices". In the Linux kernel, the following vulnerabi... • https://git.kernel.org/stable/c/d3ff0f98a52f0aafe35aa314d1c442f4318be3db •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-46829 – rtmutex: Drop rt_mutex::wait_lock before scheduling
https://notcve.org/view.php?id=CVE-2024-46829
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the good case it returns with the lock held and in the deadlock case it emits a warning and goes into an endless scheduling loop with the lock held, which triggers the 'scheduling in atomic' warning. Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning and dropping into the schedule for ever loop.... • https://git.kernel.org/stable/c/3d5c9340d1949733eb37616abd15db36aef9a57c •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46826 – ELF: fix kernel.randomize_va_space double read
https://notcve.org/view.php?id=CVE-2024-46826
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly one load for consistent value across one exec. In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice. It is s... • https://git.kernel.org/stable/c/1f81d51141a234ad0a3874b4d185dc27a521cd27 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46825 – wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
https://notcve.org/view.php?id=CVE-2024-46825
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware, so it should use IWL_FW_CHECK() instead of WARN_ON(). In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware... • https://git.kernel.org/stable/c/415f3634d53c7fb4cf07d2f5a0be7f2e15e6da33 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46823 – kunit/overflow: Fix UB in overflow_allocation_test
https://notcve.org/view.php?id=CVE-2024-46823
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register'. It produces the kernel panic with KASAN enabled. Since this variable is used in one place only, remove it and pass the device name into kunit_device_register directly as an ascii string. In the... • https://git.kernel.org/stable/c/d1207f07decc66546a7fa463d2f335a856c986ef •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46822 – arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
https://notcve.org/view.php?id=CVE-2024-46822
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map back to the cpu and use that to index into a cpumask. As such, a valid ID is needed. If an MPIDR check fails in acpi_map_gic_cpu_interface() it is possible for the entry in cpu_madt_gicc[cpu] == NULL. This func... • https://git.kernel.org/stable/c/f57769ff6fa7f97f1296965f20e8a2bb3ee9fd0f •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46821 – drm/amd/pm: Fix negative array index read
https://notcve.org/view.php?id=CVE-2024-46821
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang) In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang) Ubuntu Security ... • https://git.kernel.org/stable/c/60f4a4bc3329e5cb8c4df0cc961f0d5ffd96e22d •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46820 – drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend
https://notcve.org/view.php?id=CVE-2024-46820
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handle the IRQ state as well. So the calls to disable IRQ and set state are removed. This effectively gets rid of the warining of "WARN_ON(!amdgpu_irq_enabled(adev, src, type))" in amdgpu_irq_put(). In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend... • https://git.kernel.org/stable/c/aa92264ba6fd4fb570002f69762634221316e7ae •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46819 – drm/amdgpu: the warning dereferencing obj for nbio_v7_4
https://notcve.org/view.php?id=CVE-2024-46819
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of se... • https://git.kernel.org/stable/c/614564a5b28983de53b23a358ebe6c483a2aa21e •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46818 – drm/amd/display: Check gpio_id before used as array index
https://notcve.org/view.php?id=CVE-2024-46818
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be ch... • https://git.kernel.org/stable/c/8520fdc8ecc38f240a8e9e7af89cca6739c3e790 •