CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56781 – powerpc/prom_init: Fixup missing powermac #size-cells
https://notcve.org/view.php?id=CVE-2024-56781
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: powerpc/prom_init: Fixup missing powermac #size-cells On some powermacs `escc` nodes are missing `#size-cells` properties, which is deprecated and now triggers a warning at boot since commit 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling"). For example: Missing '#size-cells' in /pci@f2000000/mac-io@c/escc@13000 WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108 Hardware name: PowerMac3,... • https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-56780 – quota: flush quota_release_work upon quota writeback
https://notcve.org/view.php?id=CVE-2024-56780
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race: 1. dquot are added to releasing_dquots list during regular operations. 2. FS Freeze starts, however, this does not flush the quota_release_work qu... • https://git.kernel.org/stable/c/d40c192e119892799dd4ddf94f5cea6fa93775ef •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56779 – nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
https://notcve.org/view.php?id=CVE-2024-56779
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action attempts to open a file, it can potentially send two rpc_task to nfs server. NFS CLIENT thread1 thread2 open("file") ... nfs4_do_open _nfs4_do_open _nfs4_open_and_get_state _nfs4_proc_open nfs4_run_open_task /* rpc_t... • https://git.kernel.org/stable/c/a85364f0d30dee01c5d5b4afa55a9629a8f36d8e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56778 – drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56778
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid ... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56777 – drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56777
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use ... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56776 – drm/sti: avoid potential dereference of error pointers
https://notcve.org/view.php?id=CVE-2024-56776
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fai... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56775 – drm/amd/display: Fix handling of plane refcount
https://notcve.org/view.php?id=CVE-2024-56775
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up. [How] Cache and re-apply current refcount when restoring plane states... • https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790 •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56770 – net/sched: netem: account for backlog updates from child qdisc
https://notcve.org/view.php?id=CVE-2024-56770
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: account for backlog updates from child qdisc In general, 'qlen' of any classful qdisc should keep track of the number of packets that the qdisc itself and all of its children holds. In case of netem, 'qlen' only accounts for the packets in its internal tfifo. When netem is used with a child qdisc, the child qdisc can use 'qdisc_tree_reduce_backlog' to inform its parent, netem, about created or dropped SKBs. This function u... • https://git.kernel.org/stable/c/50612537e9ab29693122fab20fc1eed235054ffe •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56769 – media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg
https://notcve.org/view.php?id=CVE-2024-56769
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values. Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem. [1] Syzkaller report dvb-usb: bu... • https://git.kernel.org/stable/c/74340b0a8bc60b400c7e5fe4950303aa6f914d16 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56767 – dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset
https://notcve.org/view.php?id=CVE-2024-56767
06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: at_xdmac: evitar null_prt_deref en at_xdmac_prep_dma_memset El... • https://git.kernel.org/stable/c/b206d9a23ac71cb905f5fb6e0cd813406f89b678 •