CVE-2024-53077 – rpcrdma: Always release the rpcrdma_device's xa_array
https://notcve.org/view.php?id=CVE-2024-53077
In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have a matching xa_destroy() in rpcrdma_remove_one() to release underlying memory that the xarray might have accrued during operation. • https://git.kernel.org/stable/c/7e86845a0346efc95fddaa97ce5cd6a8bda8c71c https://git.kernel.org/stable/c/36b7f5a4f300d038270324640ff7c1399245159d https://git.kernel.org/stable/c/63a81588cd2025e75fbaf30b65930b76825c456f •
CVE-2024-53076 – iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table()
https://notcve.org/view.php?id=CVE-2024-53076
In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() If per_time_scales[i] or per_time_gains[i] kcalloc fails in the for loop of iio_gts_build_avail_scale_table(), the err_free_out will fail to call kfree() each time when i is reduced to 0, so all the per_time_scales[0] and per_time_gains[0] will not be freed, which will cause memory leaks. Fix it by checking if i >= 0. • https://git.kernel.org/stable/c/38416c28e16890b52fdd5eb73479299ec3f062f3 https://git.kernel.org/stable/c/62c11896683129790b8f5ab6eb7e695818b0b723 https://git.kernel.org/stable/c/b304362ce836968b803e5d4c5f84dcb51a7bf0f2 https://git.kernel.org/stable/c/369f05688911b05216cfcd6ca74473bec87948d7 •
CVE-2024-53075 – riscv: Prevent a bad reference count on CPU nodes
https://notcve.org/view.php?id=CVE-2024-53075
In the Linux kernel, the following vulnerability has been resolved: riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the very beginning. But when ACPI is enabled we go through a specific branch which returns early and does not call 'of_node_put' for the node that was acquired. Since we are not using a CPU device node for the ACPI code anyways, we can simply move the initialization of it just passed the ACPI block, and we are guaranteed to have an 'of_node_put' call for the acquired node. This prevents a bad reference count of the CPU device node. Moreover, the previous function did not check for errors when acquiring the device node, so a return -ENOENT has been added for that case. • https://git.kernel.org/stable/c/604f32ea6909b0ebb8ab0bf1ab7dc66ee3dc8955 https://git.kernel.org/stable/c/303846a3dc275e35fbb556d72f1e356ba669e4f8 https://git.kernel.org/stable/c/37233169a6ea912020c572f870075a63293b786a •
CVE-2024-53074 – wifi: iwlwifi: mvm: don't leak a link on AP removal
https://notcve.org/view.php?id=CVE-2024-53074
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. This impacted devices that do not support the MLD API (9260 and down). On those devices, we couldn't start the AP again after the AP has been already started and stopped. • https://git.kernel.org/stable/c/a8b5d4809b503da668966a8187b9872e6c85291c https://git.kernel.org/stable/c/70ddf9ce1894c48dbbf10b0de51a95e4fb3dd376 https://git.kernel.org/stable/c/3ed092997a004d68a3a5b0eeb94e71b69839d0f7 •
CVE-2024-53073 – NFSD: Never decrement pending_async_copies on error
https://notcve.org/view.php?id=CVE-2024-53073
In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), which already decrements nn->pending_async_copies. • https://git.kernel.org/stable/c/6a488ad7745b8f64625c6d3a24ce7e448e83f11b https://git.kernel.org/stable/c/b4e21431a0db4854b5023cd5af001be557e6c3db https://git.kernel.org/stable/c/1421883aa30c5d26bc3370e2d19cb350f0d5ca28 https://git.kernel.org/stable/c/8286f8b622990194207df9ab852e0f87c60d35e9 •