CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58065 – clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check
https://notcve.org/view.php?id=CVE-2024-58065
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check. In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check. • https://git.kernel.org/stable/c/51ce5591927389985451c0875f576701664f0a38 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58064 – wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap()
https://notcve.org/view.php?id=CVE-2024-58064
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for ies. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL chec... • https://git.kernel.org/stable/c/45d43937a44c806b8649323b8f5d9f42ae838b0e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58063 – wifi: rtlwifi: fix memory leaks and invalid access at probe error path
https://notcve.org/view.php?id=CVE-2024-58063
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destroys the rtl_wq workqueue. And call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be leaked. Remove pci_set_drvdata call as it will already be cleaned up by the core driver code and could lead to memory leaks too. cf. commit... • https://git.kernel.org/stable/c/0c8173385e549f95cd80c3fff5aab87b4f881d8d •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58062 – wifi: iwlwifi: mvm: avoid NULL pointer dereference
https://notcve.org/view.php?id=CVE-2024-58062
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_each_vif_active_link that also does the check. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that th... • https://git.kernel.org/stable/c/2b7ee1a10a72ef8f3df621133ac04e80e8214037 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58061 – wifi: mac80211: prohibit deactivating all links
https://notcve.org/view.php?id=CVE-2024-58061
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugfs write directly. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since i... • https://git.kernel.org/stable/c/3d901102922723eedce6ef10ebd03315a7abb8a5 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58060 – bpf: Reject struct_ops registration that uses module ptr and the module btf_id is missing
https://notcve.org/view.php?id=CVE-2024-58060
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: Reject struct_ops registration that uses module ptr and the module btf_id is missing There is a UAF report in the bpf_struct_ops when CONFIG_MODULES=n. In particular, the report is on tcp_congestion_ops that has a "struct module *owner" member. For struct_ops that has a "struct module *owner" member, it can be extended either by the regular kernel module or by the bpf_struct_ops. bpf_try_module_get() will be used to do the refcounting ... • https://git.kernel.org/stable/c/1611603537a4b88cec7993f32b70c03113801a46 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58059 – media: uvcvideo: Fix deadlock during uvc_probe
https://notcve.org/view.php?id=CVE-2024-58059
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix deadlock during uvc_probe If uvc_probe() fails, it can end up calling uvc_status_unregister() before uvc_status_init() is called. Fix this by checking if dev->status is NULL or not in uvc_status_unregister(). In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix deadlock during uvc_probe If uvc_probe() fails, it can end up calling uvc_status_unregister() before uvc_status_init() is cal... • https://git.kernel.org/stable/c/c5fe3ed618f995b4a903e574bf2e993cdebeefca •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58058 – ubifs: skip dumping tnc tree when zroot is null
https://notcve.org/view.php?id=CVE-2024-58058
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will access c->zroot.znode which cause null pointer dereference. In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will ac... • https://git.kernel.org/stable/c/1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58057 – idpf: convert workqueues to unbound
https://notcve.org/view.php?id=CVE-2024-58057
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with `WQ_UNBOUND`, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configuration (i.e. when `queue_delayed_work` and friends do not specify which CPU to run the work item on), `WQ_UNBOUND` allows the work item to be executed on any CPU in the same node of the CPU it was enqueued on. While this solution pote... • https://git.kernel.org/stable/c/0fe45467a1041ea3657a7fa3a791c84c104fbd34 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58056 – remoteproc: core: Fix ida_free call while not allocated
https://notcve.org/view.php?id=CVE-2024-58056
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs before ida_alloc is called. In such case in rproc_type_release(), the condition (rproc->index >= 0) is true as rproc->index has been initialized to 0. ida_free() is called reporting a warning: [ 4.181906] WARNING: CPU: 1 PID: 24 at li... • https://git.kernel.org/stable/c/08333b911f01862e71e51b7065fb4baca3cd2e67 •