CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50273 – btrfs: reinitialize delayed ref list after deleting it from the list
https://notcve.org/view.php?id=CVE-2024-50273
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: reinitialize delayed ref list after deleting it from the list At insert_delayed_ref() if we need to update the action of an existing ref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head's ref_add_list using list_del(), which leaves the ref's add_list member not reinitialized, as list_del() sets the next and prev members of the list to LIST_POISON1 and LIST_POISON2, respectively. In the Linux kernel, the fo... • https://git.kernel.org/stable/c/1d57ee941692d0cc928526e21a1557b2ae3e11db •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50272 – filemap: Fix bounds checking in filemap_read()
https://notcve.org/view.php?id=CVE-2024-50272
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemap_read() enters an infinite loop. In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the... • https://git.kernel.org/stable/c/c2a9737f45e27d8263ff9643f994bda9bac0b944 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50271 – signal: restore the override_rlimit logic
https://notcve.org/view.php?id=CVE-2024-50271
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT_RLIMIT_SIGPENDING rlimit was not enforced for a class of signals. In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT_RLIMIT_SIGPENDING rlimit was not enf... • https://git.kernel.org/stable/c/d64696905554e919321e31afc210606653b8f6a4 •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50270 – mm/damon/core: avoid overflow in damon_feed_loop_next_input()
https://notcve.org/view.php?id=CVE-2024-50270
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid overflow in damon_feed_loop_next_input() damon_feed_loop_next_input() is inefficient and fragile to overflows. ... In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid overflow in damon_feed_loop_next_input() damon_feed_loop_next_input() is inefficient and fragile to overflows. • https://git.kernel.org/stable/c/9294a037c01564786abb15436529fae3863268a2 •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2024-50269 – usb: musb: sunxi: Fix accessing an released usb phy
https://notcve.org/view.php?id=CVE-2024-50269
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca ("usb: musb: sunxi: Explicitly release USB PHY on exit") will cause that usb phy @glue->xceiv is accessed after released. In the Linux kernel, the following vulnerability has been resolved: usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca ("usb: musb: sunxi: Explicitly release USB PHY on exit") will cause that usb phy @glue->xceiv is... • https://git.kernel.org/stable/c/6ed05c68cbcae42cd52b8e53b66952bfa9c002ce •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50268 – usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
https://notcve.org/view.php?id=CVE-2024-50268
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() The "*cmd" variable can be controlled by the user via debugfs. ... The call tree is: ucsi_cmd() // val comes from simple_attr_write_xsigned() -> ucsi_send_command() -> ucsi_send_command_common() -> ucsi_run_command() // calls ucsi->ops->sync_control() -> ucsi_ccg_sync_control() In the Linux kernel, the following vulnerability has been resolved: usb: t... • https://git.kernel.org/stable/c/170a6726d0e266f2c8f306e3d61715c32f4ee41e •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50267 – USB: serial: io_edgeport: fix use after free in debug printk
https://notcve.org/view.php?id=CVE-2024-50267
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. ... • https://git.kernel.org/stable/c/984f68683298ba53af32f909de1f9452fbb37ccb • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50266 – clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs
https://notcve.org/view.php?id=CVE-2024-50266
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: video_cc_mvs0_clk status stuck at 'off' WARNING: CPU: 6 PID: 2885 at drivers/clk/qcom/clk-branch.c:87 clk_branch_wait+0x144/0x15c ... In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: u... • https://git.kernel.org/stable/c/ec9a652e514903df887791b669b70e86ab4e3ec5 •
CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50265 – ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()
https://notcve.org/view.php?id=CVE-2024-50265
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Syzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove(): [ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12 [ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove entr... • https://git.kernel.org/stable/c/399ff3a748cf4c8c853e96dd477153202636527b •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50264 – vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
https://notcve.org/view.php?id=CVE-2024-50264
19 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->tran... • https://git.kernel.org/stable/c/06a8fc78367d070720af960dcecec917d3ae5f3b • CWE-416: Use After Free •