CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53071 – drm/panthor: Be stricter about IO mapping flags
https://notcve.org/view.php?id=CVE-2024-53071
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. ... This is a classic Linux driver gotcha. ... In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. ... This is a classic Linux driver gotcha. • https://git.kernel.org/stable/c/5fe909cae118a757a77afb37174b99436a36d2e2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53070 – usb: dwc3: fix fault at system suspend if device was already runtime suspended
https://notcve.org/view.php?id=CVE-2024-53070
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we c... • https://git.kernel.org/stable/c/073530898ebf44a9418434e899cfa9ca86945333 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53069 – firmware: qcom: scm: fix a NULL-pointer dereference
https://notcve.org/view.php?id=CVE-2024-53069
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as ther... • https://git.kernel.org/stable/c/449d0d84bcd8246b508d07995326d13c54488b8c •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53068 – firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
https://notcve.org/view.php?id=CVE-2024-53068
19 Nov 2024 — SA8775P Ride (DT) | Call trace: | dump_backtrace+0x94/0x114 | show_stack+0x18/0x24 | dump_stack_lvl+0x48/0x60 | print_report+0xf4/0x5b0 | kasan_report+0xa4/0xec | __asan_report_load1_noabort+0x20/0x2c | strncmp+0xe4/0xec | scmi_bus_notifier+0x5c/0x54c | notifier_call_chain+0xb4/0x31c | blocking_notifier_call_chain+0x68/0x9c | bus_notify+0x54/0x78 | device_del+0x1bc/0x840 | device_unregister+0x20/0xb4 | __scmi_device_destroy+0xac/0x280 | scmi_device_destroy+0x94/0xd0 | scmi_chan_setup+0x524/0x750 | scmi_prob... • https://git.kernel.org/stable/c/ee7a9c9f67c59008b330deff2762bd8cf1407eec •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53067 – scsi: ufs: core: Start the RTC update work later
https://notcve.org/view.php?id=CVE-2024-53067
19 Nov 2024 — This patch fixes the following kernel crash: Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Workqueue: events ufshcd_rtc_work Call trace: _raw_spin_lock_irqsave+0x34/0x8c (P) pm_runtime_get_if_active+0x24/0x9c (L) pm_runtime_get_if_active+0x24/0x9c ufshcd_rtc_work+0x138/0x1b4 process_one_work+0x148/0x288 worker_thread+0x2cc/0x3d4 kthread+0x110/0x114 ret_from_fork+0x10/0x20 In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The... • https://git.kernel.org/stable/c/6bf999e0eb41850d5c857102535d5c53b2ede224 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53066 – nfs: Fix KMSAN warning in decode_getfattr_attrs()
https://notcve.org/view.php?id=CVE-2024-53066
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ===================================================== ===================================================== BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_generic+0x8... • https://git.kernel.org/stable/c/88034c3d88c2c48b215f2cc5eb22e564aa817f9c •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53065 – mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create
https://notcve.org/view.php?id=CVE-2024-53065
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create Commit b035f5a6d852 ("mm: slab: reduce the kmalloc() minimum alignment if DMA bouncing possible") reduced ARCH_KMALLOC_MINALIGN to 8 on arm64. However, with KASAN_HW_TAGS enabled, arch_slab_minalign() becomes 16. • https://git.kernel.org/stable/c/b32801d1255be1da62ea8134df3ed9f3331fba12 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53064 – idpf: fix idpf_vc_core_init error path
https://notcve.org/view.php?id=CVE-2024-53064
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. ... In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. • https://git.kernel.org/stable/c/4930fbf419a72d7477426fd883bfc37e20a61a6e •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53063 – media: dvbdev: prevent the risk of out of memory access
https://notcve.org/view.php?id=CVE-2024-53063
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. ... • https://git.kernel.org/stable/c/5dd3f3071070f5a306bdf8d474c80062f5691cba •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53062 – media: mgb4: protect driver against spectre
https://notcve.org/view.php?id=CVE-2024-53062
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch: drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. In the Linux kernel, the following vulnerability ha... • https://git.kernel.org/stable/c/0ab13674a9bd10514486cf1670d71dbd8afec421 •