CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36952 – scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
https://notcve.org/view.php?id=CVE-2024-36952
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vport is unregistered before the Remove All DA_ID CT and LOGO ELS are sent to the fabric. Currently fc_remove_host(), which calls dev_loss_tmo for all D_IDs including the fabric D_ID, removes the last ndlp reference and frees the ndlp rport object. This sometimes causes the race condition where the final DA_ID and LOGO are skipped from being sent to the fabric switch. Fix by moving the fc_remove_host() and scsi_remove_host() calls after DA_ID and LOGO are sent. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: lpfc: Mover la anulación del registro de transporte de NPIV a después de la limpieza de recursos. Hay casos después de la eliminación de NPIV en los que el conmutador de tejido todavía cree que el NPIV está registrado en el tejido. • https://git.kernel.org/stable/c/f2c7f029051edc4b394bb48edbe2297575abefe0 https://git.kernel.org/stable/c/0936809d968ecf81e0726fbd02ff2a5732d960c3 https://git.kernel.org/stable/c/76337eb8daee32bcc67742efab3168ed4ca299d0 https://git.kernel.org/stable/c/718602cd15f4c5710850090ea3066a89eeb46278 https://git.kernel.org/stable/c/4ddf01f2f1504fa08b766e8cfeec558e9f8eef6c https://access.redhat.com/security/cve/CVE-2024-36952 https://bugzilla.redhat.com/show_bug.cgi?id=2284598 • CWE-459: Incomplete Cleanup •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36951 – drm/amdkfd: range check cp bad op exception interrupts
https://notcve.org/view.php?id=CVE-2024-36951
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. Update the user api to guard exception code type checking as well. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: interrupciones de excepción de operación incorrecta de cp de verificación de rango debido a un error de interrupción de CP, se generan códigos de excepción de basura de paquetes incorrectos. Realice una verificación de rango para que el depurador y el tiempo de ejecución no reciban códigos basura. Actualice la API del usuario para proteger también la verificación del tipo de código de excepción. • https://git.kernel.org/stable/c/41dc6791596656dd41100b85647ed489e1d5c2f2 https://git.kernel.org/stable/c/b6735bfe941486c5dfc9c3085d2d75d4923f9449 https://git.kernel.org/stable/c/0cac183b98d8a8c692c98e8dba37df15a9e9210d •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-36950 – firewire: ohci: mask bus reset interrupts between ISR and bottom half
https://notcve.org/view.php?id=CVE-2024-36950
In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI interrupt handler, if a bus reset interrupt has occurred, mask bus reset interrupts until bus_reset_work has serviced and cleared the interrupt. Normally, we always leave bus reset interrupts masked. We infer the bus reset from the self-ID interrupt that happens shortly thereafter. A scenario where we unmask bus reset interrupts was introduced in 2008 in a007bb857e0b26f5d8b73c2ff90782d9c0972620: If OHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we will unmask bus reset interrupts so we can log them. irq_handler logs the bus reset interrupt. However, we can't clear the bus reset event flag in irq_handler, because we won't service the event until later. irq_handler exits with the event flag still set. If the corresponding interrupt is still unmasked, the first bus reset will usually freeze the system due to irq_handler being called again each time it exits. • https://git.kernel.org/stable/c/b3948c69d60279fce5b2eeda92a07d66296c8130 https://git.kernel.org/stable/c/31279bbca40d2f40cb3bbb6d538ec9620a645dec https://git.kernel.org/stable/c/fa273f312334246c909475c5868e6daab889cc8c https://git.kernel.org/stable/c/4f9cc355c328fc4f41cbd9c4cd58b235184fa420 https://git.kernel.org/stable/c/6fafe3661712b143d9c69a7322294bd53f559d5d https://git.kernel.org/stable/c/5982887de60c1b84f9c0ca07c835814d07fd1da0 https://git.kernel.org/stable/c/8643332aac0576581cfdf01798ea3e4e0d624b61 https://git.kernel.org/stable/c/752e3c53de0fa3b7d817a83050b6699b8 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-36949 – amd/amdkfd: sync all devices to wait all processes being evicted
https://notcve.org/view.php?id=CVE-2024-36949
In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call takes time to finish. other device will start reset and recover without waiting. if the process has not been evicted before doing recover, it will be restored, then caused page fault. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: amd/amdkfd: sincroniza todos los dispositivos para esperar a que se desalojen todos los procesos. Si hay más de un dispositivo reiniciando en paralelo, el primer dispositivo llamará a kfd_suspend_all_processes() para desalojar todos los procesos en todos los dispositivos, esta llamada tarda un tiempo en finalizar. El otro dispositivo comenzará a restablecerse y recuperarse sin esperar. Si el proceso no ha sido desalojado antes de realizar la recuperación, se restaurará y luego provocará un error de página. • https://git.kernel.org/stable/c/b6f6626528fe724b512c34f3fb5946c36a135f58 https://git.kernel.org/stable/c/ed28ef3840bbf93a64376ea7814ce39f86352e14 https://git.kernel.org/stable/c/d06af584be5a769d124b7302b32a033e9559761d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36948 – drm/xe/xe_migrate: Cast to output precision before multiplying operands
https://notcve.org/view.php?id=CVE-2024-36948
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_migrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision (u32) operands before widening it to higher precision (u64). -v2 Fix commit message and description. (Rodrigo) (cherry picked from commit 34820967ae7b45411f8f4f737c2d63b0c608e0d7) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/xe/xe_migrate: conversión a precisión de salida antes de multiplicar operandos. Abordar el posible desbordamiento como resultado de la multiplicación de dos operandos de menor precisión (u32) antes de ampliarlo a mayor precisión (u64). -v2 Corregir mensaje de commit y descripción. (Rodrigo) (cereza escogida del commit 34820967ae7b45411f8f4f737c2d63b0c608e0d7) • https://git.kernel.org/stable/c/e23a904dfeb5a9e3d4ec527a365e962478cccf05 https://git.kernel.org/stable/c/9cb46b31f3d08ed3fce86349e8c12f96d7c88717 •