CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56682 – irqchip/riscv-aplic: Prevent crash when MSI domain is missing
https://notcve.org/view.php?id=CVE-2024-56682
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: irqchip/riscv-aplic: Prevent crash when MSI domain is missing If the APLIC driver is probed before the IMSIC driver, the parent MSI domain will be missing, which causes a NULL pointer dereference in msi_create_device_irq_domain(). Avoid this by deferring probe until the parent MSI domain is available. Use dev_err_probe() to avoid printing an error message when returning -EPROBE_DEFER. • https://git.kernel.org/stable/c/ca8df97fe6798afbe395fc4a8e23bac0c7fbd248 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56681 – crypto: bcm - add error check in the ahash_hmac_init function
https://notcve.org/view.php?id=CVE-2024-56681
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init should not return ok when ahash_init returns error. For an example, ahash_init will return -ENOMEM when allocation memory is error. • https://git.kernel.org/stable/c/9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-56680 – media: intel/ipu6: do not handle interrupts when device is disabled
https://notcve.org/view.php?id=CVE-2024-56680
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: do not handle interrupts when device is disabled Some IPU6 devices have shared interrupts. We need to handle properly case when interrupt is triggered from other device on shared irq line and IPU6 itself disabled. In such case we get 0xffffffff from ISR_STATUS register and handle all irq's cases, for what we are not not prepared and usually hang the whole system. To avoid the issue use pm_runtime_get_if_active() to che... • https://git.kernel.org/stable/c/ab29a2478e709b8fbb4715c51709275907c185db •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56679 – octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c
https://notcve.org/view.php?id=CVE-2024-56679
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c Add error pointer check after calling otx2_mbox_get_rsp(). • https://git.kernel.org/stable/c/ab58a416c93f134b72ec7e10d8d74509c3985243 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56678 – powerpc/mm/fault: Fix kfence page fault reporting
https://notcve.org/view.php?id=CVE-2024-56678
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copy_from_kernel_nofault() can be called when doing read of /proc/kcore. /proc/kcore can have some unmapped kfence objects which when read via copy_from_kernel_nofault() can cause page faults. Since *_nofault() functions define their own fixup table for handling fault, use that instead of asking kfence to handle such faults. Hence we search the exception tables for the nip which generated... • https://git.kernel.org/stable/c/90cbac0e995dd92f7bcf82f74aa50250bf194a4a •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56677 – powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init()
https://notcve.org/view.php?id=CVE-2024-56677
28 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() During early init CMA_MIN_ALIGNMENT_BYTES can be PAGE_SIZE, since pageblock_order is still zero and it gets initialized later during initmem_init() e.g. setup_arch() -> initmem_init() -> sparse_init() -> set_pageblock_order() One such use case where this causes issue is - early_setup() -> early_init_devtree() -> fadump_reserve_mem() -> fadump_cma_init() This cause... • https://git.kernel.org/stable/c/11ac3e87ce09c27f4587a8c4fe0829d814021a82 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56675 – bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
https://notcve.org/view.php?id=CVE-2024-56675
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors Uprobes always use bpf_prog_run_array_uprobe() under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF programs are freed via normal RCU (see __bpf_prog_put_noref()). This leads to UAF of the bpf_prog because a normal RCU grace period does not imply a tasks-trace-RCU grace period. Fix it by explicitly waiting... • https://git.kernel.org/stable/c/8c7dcb84e3b744b2b70baa7a44a9b1881c33a9c9 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56674 – virtio_net: correct netdev_tx_reset_queue() invocation point
https://notcve.org/view.php?id=CVE-2024-56674
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue() invocation point When virtnet_close is followed by virtnet_open, some TX completions can possibly remain unconsumed, until they are finally processed during the first NAPI poll after the netdev_tx_reset_queue(), resulting in a crash [1]. Commit b96ed2c97c79 ("virtio_net: move netdev_tx_reset_queue() call before RX napi enable") was not sufficient to eliminate all BQL crash cases for virtio-net. ... • https://git.kernel.org/stable/c/c8bd1f7f3e61fc6c562c806045f3ccd2cc819c01 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56673 – riscv: mm: Do not call pmd dtor on vmemmap page table teardown
https://notcve.org/view.php?id=CVE-2024-56673
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Do not call pmd dtor on vmemmap page table teardown The vmemmap's, which is used for RV64 with SPARSEMEM_VMEMMAP, page tables are populated using pmd (page middle directory) hugetables. However, the pmd allocation is not using the generic mechanism used by the VMA code (e.g. pmd_alloc()), or the RISC-V specific create_pgd_mapping()/alloc_pmd_late(). Instead, the vmemmap page table code allocates a page, and calls vmemmap_set_pm... • https://git.kernel.org/stable/c/c75a74f4ba19c904c0ae1e011ae2568449409ae4 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-56672 – blk-cgroup: Fix UAF in blkcg_unpin_online()
https://notcve.org/view.php?id=CVE-2024-56672
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcg_unpin_online() blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the following UAF: ================================================================== BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270 Read of size 8 at addr ffff88... • https://git.kernel.org/stable/c/4308a434e5e08c78676aa66bc626ef78cbef0883 •