CVSS: 5.5EPSS: %CPEs: 7EXPL: 0CVE-2024-43098 – i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock
https://notcve.org/view.php?id=CVE-2024-43098
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock A deadlock may happen since the i3c_master_register() acquires &i3cbus->lock twice. See the log below. Use i3cdev->desc->info instead of calling i3c_device_info() to avoid acquiring the lock twice. v2: - Modified the title and commit message ============================================ WARNING: possible recursive locking detected 6.11.0-mainline ---------... • https://git.kernel.org/stable/c/9a2173660ee53d5699744f02e6ab7bf89fcd0b1a •
CVSS: 7.1EPSS: %CPEs: 3EXPL: 0CVE-2024-41935 – f2fs: fix to shrink read extent node in batches
https://notcve.org/view.php?id=CVE-2024-41935
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree during its shrink, however, if there is a huge number of extent nodes in extent tree, during shrink of extent tree, it may hold rwlock for a very long time, which may trigger kernel hang issue. This patch fixes to shrink read extent node in batches, so that, critical region of the rwlock can be shrunk to avoid its extreme long time ho... • https://git.kernel.org/stable/c/295b50e95e900da31ff237e46e04525fa799b2cf •
CVSS: 4.7EPSS: %CPEs: 2EXPL: 0CVE-2024-41932 – sched: fix warning in sched_setaffinity
https://notcve.org/view.php?id=CVE-2024-41932
11 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: sched: fix warning in sched_setaffinity Commit 8f9ea86fdf99b added some logic to sched_setaffinity that included a WARN when a per-task affinity assignment races with a cpuset update. Specifically, we can have a race where a cpuset update results in the task affinity no longer being a subset of the cpuset. That's fine; we have a fallback to instead use the cpuset mask. However, we have a WARN set up that will trigger if the cpuset mask has ... • https://git.kernel.org/stable/c/8f9ea86fdf99b81458cc21fc1c591fcd4a0fa1f4 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56787 – soc: imx8m: Probe the SoC driver as platform driver
https://notcve.org/view.php?id=CVE-2024-56787
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: soc: imx8m: Probe the SoC driver as platform driver With driver_async_probe=* on kernel command line, the following trace is produced because on i.MX8M Plus hardware because the soc-imx8m.c driver calls of_clk_get_by_name() which returns -EPROBE_DEFER because the clock driver is not yet probed. This was not detected during regular testing without driver_async_probe. Convert the SoC code to platform driver and instantiate a platform device i... • https://git.kernel.org/stable/c/e497edb8f31ec2c2b6f4ce930e175aa2da8be334 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56786 – bpf: put bpf_link's program when link is safe to be deallocated
https://notcve.org/view.php?id=CVE-2024-56786
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: put bpf_link's program when link is safe to be deallocated In general, BPF link's underlying BPF program should be considered to be reachable through attach hook -> link -> prog chain, and, pessimistically, we have to assume that as long as link's memory is not safe to free, attach hook's code might hold a pointer to BPF program and use it. As such, it's not (generally) correct to put link's program early before waiting for RCU GPs to ... • https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56785 – MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a
https://notcve.org/view.php?id=CVE-2024-56785
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: MIPS: Loongson64: DTS: Really fix PCIe port nodes for ls7a Fix the dtc warnings: arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips/boot/dts/loongson/ls7a-pch.dtsi:68.16-416.5: Warning (interrupt_provider): /bus@10000000/pci@1a000000: '#interrupt-cells' found, but node is not an interrupt provider arch/mips... • https://git.kernel.org/stable/c/5a2eaa3ad2b803c7ea442c6db7379466ee73c024 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56784 – drm/amd/display: Adding array index check to prevent memory corruption
https://notcve.org/view.php?id=CVE-2024-56784
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption [Why & How] Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays ... • https://git.kernel.org/stable/c/dff526dc3e27f5484f5ba11471b9fbbe681467f2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56783 – netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level
https://notcve.org/view.php?id=CVE-2024-56783
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is... • https://git.kernel.org/stable/c/ace0db36b4a1db07a48517c4f04488d1cd05e5f5 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56782 – ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
https://notcve.org/view.php?id=CVE-2024-56782
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() acpi_dev_hid_match() does not check for adev == NULL, dereferencing it unconditional. Add a check for adev being NULL before calling acpi_dev_hid_match(). At the moment acpi_quirk_skip_serdev_enumeration() is never called with a controller_parent without an ACPI companion, but better safe than sorry. In the Linux kernel, the following vulnerability has been resolved: ACP... • https://git.kernel.org/stable/c/e173bce05f7032a8b4964cfef82a4b7668f5f3af •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56781 – powerpc/prom_init: Fixup missing powermac #size-cells
https://notcve.org/view.php?id=CVE-2024-56781
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/prom_init: Fixup missing powermac #size-cells On some powermacs `escc` nodes are missing `#size-cells` properties, which is deprecated and now triggers a warning at boot since commit 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling"). For example: Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000 WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108 Hardware name: PowerMac3,... • https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7 •