CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50233 – staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()
https://notcve.org/view.php?id=CVE-2024-50233
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0. The ad9832_write_frequency() function is called from ad9832_write(), and fout is derived from a text buffer, which can ... • https://git.kernel.org/stable/c/ea707584bac187c9c6c64c4eacd1c09bcc08f37b •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50232 – iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()
https://notcve.org/view.php?id=CVE-2024-50232
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is called within ad7124_set_channel_odr(). The ad7124_write_raw() function is invoked through the sequence: iio_write_channel_raw() -> iio_write_channel_attribute() -> iio_channel_write(), with no checks in place to ensure val is non-zero. I... • https://git.kernel.org/stable/c/7b8d045e497a04dd88546da51f34fa3b102778d2 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50231 – iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()
https://notcve.org/view.php?id=CVE-2024-50231
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kunit_try_catch", pid 1654, jiffies 4294913981 hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@... 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................ backtrace (crc a63d875e): [<0000000028... • https://git.kernel.org/stable/c/38416c28e16890b52fdd5eb73479299ec3f062f3 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50230 – nilfs2: fix kernel bug due to missing clearing of checked flag
https://notcve.org/view.php?id=CVE-2024-50230
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded b... • https://git.kernel.org/stable/c/8c26c4e2694a163d525976e804d81cd955bbb40c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-50229 – nilfs2: fix potential deadlock with newly created symlinks
https://notcve.org/view.php?id=CVE-2024-50229
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among the reader/writer semaphore nilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the fs_reclaim pseudo lock. This is because after commit 21fc61c73c39 ("don't put symlink bodies in pagecache into high... • https://git.kernel.org/stable/c/21fc61c73c3903c4c312d0802da01ec2b323d174 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50227 – thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()
https://notcve.org/view.php?id=CVE-2024-50227
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt] Read of size 4 at addr ffff88810111fc1c by task kworker/u56:0/11 CPU: 0 UID: 0 PID: 11 Comm: kworker/u56:0 Tainted: G U 6.11.0+ #1387 Tainted: [U]=USER Workqueue: thunderbolt0 tb_handle_hotplug [thunderbolt] Call Trace:
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50226 – cxl/port: Fix use-after-free, permit out-of-order decoder shutdown
https://notcve.org/view.php?id=CVE-2024-50226
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report [1], cxl_test was updated to register mock memory-devices after the mock root-port/bus device had been registered. That led to cxl_test crashing with a use-after-free bug with the following signature: cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem0:decoder7.0 @ 0 next: cxl_switch_u... • https://git.kernel.org/stable/c/176baefb2eb5d7a3ddebe3ff803db1fce44574b5 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50225 – btrfs: fix error propagation of split bios
https://notcve.org/view.php?id=CVE-2024-50225
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's not working well on some cases. * Case 1. Immediate (or quick) end_bio with an error When btrfs sends btrfs_bio to mirrored devices, btrfs calls btrfs_bio_end_io() when all the mirroring bios are completed. If that btrfs_bio was split... • https://git.kernel.org/stable/c/852eee62d31abd695cd43e1b875d664ed292a8ca •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50224 – spi: spi-fsl-dspi: Fix crash when not using GPIO chip select
https://notcve.org/view.php?id=CVE-2024-50224
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip select is not used. Fix below crash: [ 4.251960] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 4.260762] Mem abort info: [ 4.263556] ESR = 0x0000000096000004 [ 4.267308] EC = 0x25: DABT (current ... • https://git.kernel.org/stable/c/9e264f3f85a56cc109cc2d6010a48aa89d5c1ff1 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50223 – sched/numa: Fix the potential null pointer dereference in task_numa_work()
https://notcve.org/view.php?id=CVE-2024-50223
09 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 ...... [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se ...... [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BT... • https://git.kernel.org/stable/c/214dbc4281374cbbd833edd502d0ed1fd1b0e243 • CWE-476: NULL Pointer Dereference •