
CVE-2024-36971 – Android Kernel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-36971
10 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. ... A use-after-free flaw was found in the Li... • https://git.kernel.org/stable/c/a87cb3e48ee86d29868d3f59cfb9ce1a8fa63314 • CWE-416: Use After Free •

CVE-2024-36970 – wifi: iwlwifi: Use request_module_nowait
https://notcve.org/view.php?id=CVE-2024-36970
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came in with the LED merge in 6.9. ... [also remove unnecessary "load_module" var and now-wrong comment] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: wifi: iwlwifi: use request_module_nowait Esto parece solucionar una regresión de punto muerto que apareció con la combinación de LED en 6.9. ... [elimine también la ... • https://git.kernel.org/stable/c/f5c31bcf604db54470868f3118a60dc4a9ba8813 •

CVE-2024-36969 – drm/amd/display: Fix division by zero in setup_dsc_config
https://notcve.org/view.php?id=CVE-2024-36969
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero driver crash. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c • CWE-369: Divide By Zero •

CVE-2024-36968 – Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
https://notcve.org/view.php?id=CVE-2024-36968
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the... • https://git.kernel.org/stable/c/6ed58ec520ad2b2fe3f955c8a5fd0eecafccebdf • CWE-190: Integer Overflow or Wraparound CWE-369: Divide By Zero •

CVE-2024-36967 – KEYS: trusted: Fix memory leak in tpm2_key_encode()
https://notcve.org/view.php?id=CVE-2024-36967
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KEYS: confiable: corrige la pérdida de memoria en tpm2_key_encode() 'scratch' nunca se libera. ... • https://git.kernel.org/stable/c/f2219745250f388edacabe6cca73654131c67d0a • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2024-36966 – erofs: reliably distinguish block based and fscache mode
https://notcve.org/view.php?id=CVE-2024-36966
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: erofs: reliably distinguish block based and fscache mode When erofs_kill_sb() is called in block dev based mode, s_bdev may not have been initialised yet, and if CONFIG_EROFS_FS_ONDEMAND is enabled, it will be mistaken for fscache mode, and then attempt to free an anon_dev that has never been allocated, triggering the following warning: ============================================ ida_free called for id=0 which is not allocated. In t... • https://git.kernel.org/stable/c/aca740cecbe57b12bd9c1fc632092af5ebacda0c •

CVE-2024-36965 – remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
https://notcve.org/view.php?id=CVE-2024-36965
08 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the devicetree node is large enough for that, and while this is especially true for multi-core SCP, it's still useful to check on single-core variants as well. In the Linux kernel, the following vulnerab... • https://git.kernel.org/stable/c/3efa0ea743b77d1611501f7d8b4f320d032d73ae •

CVE-2024-5629 – Out-of-bounds read in bson module of PyMongo
https://notcve.org/view.php?id=CVE-2024-5629
05 Jun 2024 — An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. Una lectura fuera de los límites en el módulo 'bson' de PyMongo 4.6.2 o anterior permite la deserialización de BSON mal formado proporcionado por un servidor para generar una excepción que puede contener memoria de aplicación arbitraria. A flaw was found in the bson module contained in the python-pymongo pac... • https://jira.mongodb.org/browse/PYTHON-4305 • CWE-125: Out-of-bounds Read •

CVE-2024-36964 – fs/9p: only translate RWX permissions for plain 9P2000
https://notcve.org/view.php?id=CVE-2024-36964
03 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. ... En el kern... • https://git.kernel.org/stable/c/e90bc596a74bb905e0a45bf346038c3f9d1e868d •

CVE-2024-36963 – tracefs: Reset permissions on remount if permissions are options
https://notcve.org/view.php?id=CVE-2024-36963
03 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. • https://git.kernel.org/stable/c/628adb842bd5e1c2c598534a7a022b8235289de6 • CWE-863: Incorrect Authorization •