CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-44959 – tracefs: Use generic inode RCU for synchronizing freeing
https://notcve.org/view.php?id=CVE-2024-44959
In the Linux kernel, the following vulnerability has been resolved: tracefs: Use generic inode RCU for synchronizing freeing With structure layout randomization enabled for 'struct inode' we need to avoid overlapping any of the RCU-used / initialized-only-once members, e.g. i_lru or i_sb_list to not corrupt related list traversals when making use of the rcu_head. For an unlucky structure layout of 'struct inode' we may end up with the following splat when running the ftrace selftests: [<...>] list_del corruption, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object]) [<...>] ------------[ cut here ]------------ [<...>] kernel BUG at lib/list_debug.c:54! • https://git.kernel.org/stable/c/5f91fc82794d4a6e41cdcd02d00baa377d94ca78 https://git.kernel.org/stable/c/baa23a8d4360d981a49913841a726edede5cdd54 https://git.kernel.org/stable/c/414fb08628143203d29ccd0264b5a83fb9523c03 https://git.kernel.org/stable/c/726f4c241e17be75a9cf6870d80cd7479dc89e8f https://git.kernel.org/stable/c/061da60716ce0cde99f62f31937b81e1c03acef6 https://git.kernel.org/stable/c/0b6743bd60a56a701070b89fb80c327a44b7b3e2 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-44958 – sched/smt: Fix unbalance sched_smt_present dec/inc
https://notcve.org/view.php?id=CVE-2024-44958
In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc I got the following warn report while doing stress test: jump label: negative count! • https://git.kernel.org/stable/c/c5511d03ec090980732e929c318a7a6374b5550e https://git.kernel.org/stable/c/01659361c63fdc91c0af239d08cdd211d590a656 https://git.kernel.org/stable/c/a2c094816f894b7a265851fad858e994fa0f78b3 https://git.kernel.org/stable/c/2a3548c7ef2e135aee40e7e5e44e7d11b893e7c4 https://git.kernel.org/stable/c/2cf7665efe451e48d27953e6b5bc627d518c902b https://git.kernel.org/stable/c/65727331b60197b742089855ac09464c22b96f66 https://git.kernel.org/stable/c/d0c87a3c6be10a57aa3463c32c3fc6b2a47c3dab https://git.kernel.org/stable/c/e22f910a26cc2a3ac9c66b8e935ef2a7d •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44957 – xen: privcmd: Switch from mutex to spinlock for irqfds
https://notcve.org/view.php?id=CVE-2024-44957
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Switch from mutex to spinlock for irqfds irqfd_wakeup() gets EPOLLHUP, when it is called by eventfd_release() by way of wake_up_poll(&ctx->wqh, EPOLLHUP), which gets called under spin_lock_irqsave(). • https://git.kernel.org/stable/c/c2775ae4d9227729f8ca9ee2a068f62a00d5ea9c https://git.kernel.org/stable/c/49f2a5da6785b2dbde93e291cae037662440346e https://git.kernel.org/stable/c/1c682593096a487fd9aebc079a307ff7a6d054a3 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44956 – drm/xe/preempt_fence: enlarge the fence critical section
https://notcve.org/view.php?id=CVE-2024-44956
In the Linux kernel, the following vulnerability has been resolved: drm/xe/preempt_fence: enlarge the fence critical section It is really easy to introduce subtle deadlocks in preempt_fence_work_func() since we operate on single global ordered-wq for signalling our preempt fences behind the scenes, so even though we signal a particular fence, everything in the callback should be in the fence critical section, since blocking in the callback will prevent other published fences from signalling. • https://git.kernel.org/stable/c/458bb83119dfee5d14c677f7846dd9363817006f https://git.kernel.org/stable/c/3cd1585e57908b6efcd967465ef7685f40b2a294 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44955 – drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute
https://notcve.org/view.php?id=CVE-2024-44955
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute [Why] When unplug one of monitors connected after mst hub, encounter null pointer dereference. It's due to dc_sink get released immediately in early_unregister() or detect_ctx(). • https://git.kernel.org/stable/c/39b217193729aa45eded8de24d9245468a0c0263 https://git.kernel.org/stable/c/fcf6a49d79923a234844b8efe830a61f3f0584e4 •