CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56603 – net: af_can: do not leave a dangling sk pointer in can_create()
https://notcve.org/view.php?id=CVE-2024-56603
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: af_can: do not leave a dangling sk pointer in can_create() On error can_create() frees the allocated sk object, but sock_init_data() has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock object and may cause use-after-free later. • https://git.kernel.org/stable/c/884ae8bcee749be43a071d6ed2d89058dbd2425c •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56602 – net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
https://notcve.org/view.php?id=CVE-2024-56602
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails later, the allocated sk object is freed, but the dangling pointer remains in the provided sock object, which may allow use-after-free. Clear the sk pointer in the sock object on error. • https://git.kernel.org/stable/c/1d5fe782c0ff068d80933f9cfd0fd39d5434bbc9 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56601 – net: inet: do not leave a dangling sk pointer in inet_create()
https://notcve.org/view.php?id=CVE-2024-56601
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create() sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling pointer, which may create use-after-free later. Clear the sk pointer in the sock object on error. • https://git.kernel.org/stable/c/f8a3f255f7509a209292871715cda03779640c8d •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56600 – net: inet6: do not leave a dangling sk pointer in inet6_create()
https://notcve.org/view.php?id=CVE-2024-56600
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create() sock_init_data() attaches the allocated sk pointer to the provided sock object. If inet6_create() fails later, the sk object is released, but the sock object retains the dangling sk pointer, which may cause use-after-free later. Clear the sock sk pointer on error. • https://git.kernel.org/stable/c/f2709d1271cfdf55c670ab5c5982139ab627ddc7 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56599 – wifi: ath10k: avoid NULL pointer error during sdio remove
https://notcve.org/view.php?id=CVE-2024-56599
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_DEFAULT_ON is set to yes, kernel panic will happen: Call trace: destroy_workqueue+0x1c/0x258 ath10k_sdio_remove+0x84/0x94 sdio_bus_remove+0x50/0x16c device_release_driver_internal+0x188/0x25c device_driver_detach+0x20/0x2c This is because during 'rmmod... • https://git.kernel.org/stable/c/543c0924d446b21f35701ca084d7feca09511220 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56598 – jfs: array-index-out-of-bounds fix in dtReadFirst
https://notcve.org/view.php?id=CVE-2024-56598
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case. • https://git.kernel.org/stable/c/25f1e673ef61d6bf9a6022e27936785896d74948 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56597 – jfs: fix shift-out-of-bounds in dbSplit
https://notcve.org/view.php?id=CVE-2024-56597
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix shift-out-of-bounds in dbSplit When dmt_budmin is less than zero, it causes errors in the later stages. Added a check to return an error beforehand in dbAllocCtl itself. • https://git.kernel.org/stable/c/bbb24ce7f06ef9b7c05beb9340787cbe9fd3d08e •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56596 – jfs: fix array-index-out-of-bounds in jfs_readdir
https://notcve.org/view.php?id=CVE-2024-56596
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir The stbl might contain some invalid values. Added a check to return error code in that case. • https://git.kernel.org/stable/c/b62f41aeec9d250144c53875b507c1d45ae8c8fc •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56595 – jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
https://notcve.org/view.php?id=CVE-2024-56595
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree When the value of lp is 0 at the beginning of the for loop, it will become negative in the next assignment and we should bail out. • https://git.kernel.org/stable/c/b15000bcbecf27e0f7c0f149a409e5b865e28ca2 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56594 – drm/amdgpu: set the right AMDGPU sg segment limitation
https://notcve.org/view.php?id=CVE-2024-56594
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct max_segment_size; otherwise debug_dma_map_sg() will complain about the over-mapping of the AMDGPU sg length as following: WARNING: CPU: 6 PID: 1964 at kernel/dma/debug.c:1178 debug_dma_map_sg+0x2dc/0x370 [ 364.049444] Modules linked in: veth amdgpu(OE) amdxcp drm_exec gpu_sched drm_buddy drm_ttm_helper ttm(OE) drm_suballoc_helper drm_display_helpe... • https://git.kernel.org/stable/c/b5807a08954fdf914ef80b49aaa6cda965ecc95c •