CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35981 – virtio_net: Do not send RSS key if it is not supported
https://notcve.org/view.php?id=CVE-2024-35981
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS key if it is not supported There is a bug when setting the RSS options in virtio_net that can break the whole machine, getting the kernel into an infinite loop. In the Linux kernel, the following vulnerability has been resolved: virtio_net: Do not send RSS key if it is not supported There is a bug when setting the RSS options in virtio_net that can break the whole machine, getting the kernel into an... • https://git.kernel.org/stable/c/c7114b1249fa3b5f3a434606ba4cc89c4a27d618 •
CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35980 – arm64: tlb: Fix TLBI RANGE operand
https://notcve.org/view.php?id=CVE-2024-35980
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries become write protected during live migration. In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fix TLBI RANGE operand KVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty pages are collected by VMM and the page table entries be... • https://git.kernel.org/stable/c/117940aa6e5f8308f1529e1313660980f1dae771 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35979 – raid1: fix use-after-free for original bio in raid1_write_request()
https://notcve.org/view.php?id=CVE-2024-35979
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will be issued to underlying disks, however, in raid1_write_request(), r1_bio->bios[] will set to the original bio temporarily. In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request() r1_bio->bios[] is used to record new bios that will... • https://git.kernel.org/stable/c/992db13a4aee766c8bfbf046ad15c2db5fa7cab8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35978 – Bluetooth: Fix memory leak in hci_req_sync_complete()
https://notcve.org/view.php?id=CVE-2024-35978
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one. En el kernel de Linux... • https://git.kernel.org/stable/c/f60cb30579d3401cab1ed36b42df5c0568ae0ba7 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35977 – platform/chrome: cros_ec_uart: properly fix race condition
https://notcve.org/view.php?id=CVE-2024-35977
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_uart: properly fix race condition The cros_ec_uart_probe() function calls devm_serdev_device_open() before it calls serdev_device_set_client_ops(). ... En el kernel... • https://git.kernel.org/stable/c/01f95d42b8f4e88f20d68791b0a85dbb9e3d1ac9 •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35976 – xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
https://notcve.org/view.php?id=CVE-2024-35976
20 May 2024 — [1] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline] BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline] BUG: KASAN: slab-out-of-bounds in xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420 Read of size 4 at addr ffff888028c6cde3 by task syz-executor.0/7549 CPU: 0 PID: 7549 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Go... • https://git.kernel.org/stable/c/423f38329d267969130fb6f2c685f73d72687558 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35975 – octeontx2-pf: Fix transmit scheduler resource leak
https://notcve.org/view.php?id=CVE-2024-35975
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix transmit scheduler resource leak Inorder to support shaping and scheduling, Upon class creation Netdev driver allocates trasmit schedulers. ... En el kernel de Linux, se resolvió ... • https://git.kernel.org/stable/c/47a9656f168a4b76a1e069ed8a67924ea8c1ac43 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35974 – block: fix q->blkg_list corruption during disk rebind
https://notcve.org/view.php?id=CVE-2024-35974
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. In the Linux kernel, the following vulnerability has been resolved: block: fix q->blkg_list corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. • https://git.kernel.org/stable/c/1059699f87eb0b3aa9d574b91a572d534897134a •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-35973 – geneve: fix header validation in geneve[6]_xmit_skb
https://notcve.org/view.php?id=CVE-2024-35973
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true), pskb_inet_may_pull() is only using skb->protocol. ... Use this in geneve for the moment, I suspect we need to adopt this more broadly. • https://git.kernel.org/stable/c/35385daa8db320d2d9664930c28e732578b0d7de •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35972 – bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()
https://notcve.org/view.php?id=CVE-2024-35972
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it is not properly assigned ... • https://git.kernel.org/stable/c/30343221132430c24b468493c861f71e2bad131f • CWE-401: Missing Release of Memory after Effective Lifetime •