CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42161 – bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
https://notcve.org/view.php?id=CVE-2024-42161
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initialize `val'.] GCC warns that `val' may be used uninitialized in the BPF_CRE_READ_BITFIELD macro, defined in bpf_core_read.h as: [...] unsigned long long val; \ [...] \ switch (__CORE_RELO(s, field, BYTE_SIZE)) { \ case 1: val = *(const unsigned char *)p; break; \ case 2: val = *(const unsigned short *)p; break; \... • https://git.kernel.org/stable/c/b694989bb13ed5f166e633faa1eb0f21c6d261a6 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42160 – f2fs: check validation of fault attrs in f2fs_build_fault_attr()
https://notcve.org/view.php?id=CVE-2024-42160
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in parse_options(), let's fix to add check condition in f2fs_build_fault_attr(). - Use f2fs_build_fault_attr() in __sbi_store() to clean up code. In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of fault attrs in f2fs_build_fault_attr() - It missed to check validation of fault attrs in par... • https://git.kernel.org/stable/c/bc84dd2c33e0c10fd90d60f0cfc0bfb504d4692d •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42159 – scsi: mpi3mr: Sanitise num_phys
https://notcve.org/view.php?id=CVE-2024-42159
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask, values larger then size of this field shouldn't be allowed. A vulnerability was found in the Linux kernel's mpi3mr driver in the mpi3mr_sas_port_add() function, where a lack of proper checks could lead to values that are larger than what the defined size of the num_phys field in the mr_sas_node structure being inserted, causing the field to be overwritten and po... • https://git.kernel.org/stable/c/b869ec89d2ee923d46608b76e54c006680c9b4df • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42153 – i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
https://notcve.org/view.php?id=CVE-2024-42153
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr When del_timer_sync() is called in an interrupt context it throws a warning because of potential deadlock. The timer is used only to exit from wait_for_completion() after a timeout so replacing the call with wait_for_completion_timeout() allows to remove the problematic timer and its related functions altogether. In the Linux kernel, the following vulnerability has b... • https://git.kernel.org/stable/c/41561f28e76a47dc6de0a954da85d0b5c42874eb •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42152 – nvmet: fix a possible leak when destroy a ctrl during qp establishment
https://notcve.org/view.php?id=CVE-2024-42152
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmet_sq_destroy we capture sq->ctrl early and if it is non-NULL we know that a ctrl was allocated (in the admin connect request handler) and we need to release pending AERs, clear ctrl->sqs and sq->ctrl (for nvme-loop primarily), and drop the final reference on the ctrl. However, a small window is possible where nvmet_sq_destroy starts (as a result of the client givi... • https://git.kernel.org/stable/c/2f3c22b1d3d7e86712253244797a651998c141fa • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42151 – bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
https://notcve.org/view.php?id=CVE-2024-42151
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the first parameter of the test_1() function. Mark this parameter as nullable to make verifier aware of such possibility. Otherwise, NULL check in the test_1() code: SEC("struct_ops/test_1") int BPF_PROG(test_1, struct bpf_dummy_ops_state *state) { if (!state) return ...; ... access state ... } Might be removed by verifier,... • https://git.kernel.org/stable/c/7f79097b0de97a486b137b750d7dd7b20b519d23 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42148 – bnx2x: Fix multiple UBSAN array-index-out-of-bounds
https://notcve.org/view.php?id=CVE-2024-42148
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FP_SB_MAX_E1x using the num_queues module parameter. Currently there is a read/write out of bounds that occurs on the array "struct stats_query_entry query" present inside the "bnx2x_fw_stats_req" struct in "drivers/net/ethernet... • https://git.kernel.org/stable/c/50f0a562f8cc9ed9d9f7f7380434c3c8646172d5 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-42147 – crypto: hisilicon/debugfs - Fix debugfs uninit process issue
https://notcve.org/view.php?id=CVE-2024-42147
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/debugfs - Fix debugfs uninit process issue During the zip probe process, the debugfs failure does not stop the probe. When debugfs initialization fails, jumping to the error branch will also release regs, in addition to its own rollback operation. As a result, it may be released repeatedly during the regs uninit process. Therefore, the null check needs to be added to the regs uninit process. In the Linux kernel, the follow... • https://git.kernel.org/stable/c/eda60520cfe3aba9f088c68ebd5bcbca9fc6ac3c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42145 – IB/core: Implement a limit on UMAD receive List
https://notcve.org/view.php?id=CVE-2024-42145
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ib_umad, which maintains received MAD packets in an unbounded list, poses a risk of uncontrolled growth. As user-space applications extract packets from this list, the rate of extraction may not match the rate of incoming packets, leading to potential list overflow. To address this, we introduce a limit to the size of the list. After considering typical scenarios, such... • https://git.kernel.org/stable/c/1288cf1cceb0e6df276e182f5412370fb4169bcb •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-42144 – thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data
https://notcve.org/view.php?id=CVE-2024-42144
30 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data Verify that lvts_data is not NULL before using it. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could p... • https://git.kernel.org/stable/c/79ef1a5593fdb8aa4dbccf6085c48f1739338bc9 •