CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49932 – btrfs: don't readahead the relocation inode on RST
https://notcve.org/view.php?id=CVE-2024-49932
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due to preallocated extents not being mapped in the RST) from the lookup. But readahead doesn't handle the error and submits invalid reads to the device, causing an assertion in the scatter-gather list code: BTRFS info (device nvme1n1): balance: start -d... • https://git.kernel.org/stable/c/f7a1218a983ab98aba140dc20b25f60b39ee4033 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-49927 – x86/ioapic: Handle allocation failures gracefully
https://notcve.org/view.php?id=CVE-2024-49927
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irq_pin_list (-1,0,20) Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed panic+0x4e9/0x590 mp_irqdomain_alloc+0x9ab/0xa80 irq_domain_alloc_irqs_locked+0x25d/0x8d0 __irq_domain_alloc_irqs+0x80/0x110 mp_map_pin_to_irq+0x645/0x890 acpi_register_gsi_ioapic+0xe6/0x150 hpet_op... • https://git.kernel.org/stable/c/e479cb835feeb2abff97f25766e23b96a6eabe28 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49926 – rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()
https://notcve.org/view.php?id=CVE-2024-49926
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is defined as NR_CPUS instead of the number of possible cpus, this will cause the following system panic: smpboot: Allowing 4 CPUs, 0 hotplug CPUs ... setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1 ... BUG: unable to handle page fault for address: ffffffff9911c8c8 Oops: 0... • https://git.kernel.org/stable/c/b3b2431ed27f4ebc28e26cdf005c1de42dc60bdf •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2024-49924 – fbdev: pxafb: Fix possible use after free in pxafb_task()
https://notcve.org/view.php?id=CVE-2024-49924
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_init_fbinfo function, the pxafb_blank function within the &pxafb_ops struct is capable of scheduling work. If we remove the module which will call pxafb_remove to make cleanup, it will call unregister_framebuffer function which can ca... • https://git.kernel.org/stable/c/e657fa2df4429f3805a9b3e47fb1a4a1b02a72bd •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49923 – drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags
https://notcve.org/view.php?id=CVE-2024-49923
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags [WHAT & HOW] "dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer to avoid null dereference. This fixes 2 FORWARD_NULL issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags [WHAT & HOW]... • https://git.kernel.org/stable/c/39a580cd15397e102aaec25986ae5acf492f8930 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49922 – drm/amd/display: Check null pointers before using them
https://notcve.org/view.php?id=CVE-2024-49922
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using them [WHAT & HOW] These pointers are null checked previously in the same function, indicating they might be null as reported by Coverity. As a result, they need to be checked when used again. This fixes 3 FORWARD_NULL issue reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using them [WHAT & HOW] These pointe... • https://git.kernel.org/stable/c/65e1d2c291553ef3f433a0b7109cc3002a5f40ae •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49921 – drm/amd/display: Check null pointers before used
https://notcve.org/view.php?id=CVE-2024-49921
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before used [WHAT & HOW] Poniters, such as dc->clk_mgr, are null checked previously in the same function, so Coverity warns "implies that "dc->clk_mgr" might be null". As a result, these pointers need to be checked when used again. This fixes 10 FORWARD_NULL issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before used [W... • https://git.kernel.org/stable/c/5b35bf1a82eb29841b67ff5643ba83762250fc24 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49920 – drm/amd/display: Check null pointers before multiple uses
https://notcve.org/view.php?id=CVE-2024-49920
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before multiple uses [WHAT & HOW] Poniters, such as stream_enc and dc->bw_vbios, are null checked previously in the same function, so Coverity warns "implies that stream_enc and dc->bw_vbios might be null". They are used multiple times in the subsequent code and need to be checked. This fixes 10 FORWARD_NULL issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: ... • https://git.kernel.org/stable/c/26787fb6c2b2ee0d1a7e1574b36f4711ae40fe27 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49919 – drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer
https://notcve.org/view.php?id=CVE-2024-49919
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer This commit addresses a potential null pointer dereference issue in the `dcn201_acquire_free_pipe_for_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer dereference. Reported by smatch... • https://git.kernel.org/stable/c/16ce8fd94da8599bb6f0496895d392a69aead1c0 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49918 – drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer
https://notcve.org/view.php?id=CVE-2024-49918
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer This commit addresses a potential null pointer dereference issue in the `dcn32_acquire_idle_pipe_for_head_pipe_in_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer derefer... • https://git.kernel.org/stable/c/4f47292f488fa7041284dca1f1244116c18721f1 •