CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58071 – team: prevent adding a device which is already a team device lower
https://notcve.org/view.php?id=CVE-2024-58071
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This is not useful in practice and can lead to recursive locking: $ ip link add veth0 type veth peer name veth1 $ ip link set veth0 up $ ip link set veth1 up $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1 $ ip link ad... • https://git.kernel.org/stable/c/3d249d4ca7d0ed6629a135ea1ea21c72286c0d80 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-58070 – bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT
https://notcve.org/view.php?id=CVE-2024-58070
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT is enabled. [ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: ... • https://git.kernel.org/stable/c/08a7ce384e33e53e0732c500a8af67a73f8fceca •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58069 – rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read
https://notcve.org/view.php?id=CVE-2024-58069
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 bytes, regmap_read will write out of bounds as it expects the buffer to point at an unsigned int. Fix this by using an intermediary unsigned int to hold the value. In the Linux kernel, the following vulnerability has be... • https://git.kernel.org/stable/c/fadfd092ee9138825d8c2a4f95719d2e2e3202b9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58068 – OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized
https://notcve.org/view.php?id=CVE-2024-58068
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table was not created because the interconnect properties were missing in the OPP consumer node, the kernel will crash with: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 ... pc : _read_bw+0x8/0x10 lr : _opp_table_find_key+0x9... • https://git.kernel.org/stable/c/add1dc094a7456d3c56782b7478940b6a550c7ed •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58067 – clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check
https://notcve.org/view.php?id=CVE-2024-58067
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Update the check to match. In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Update the check to match. • https://git.kernel.org/stable/c/ebac87cdd230685fc5245a61bde79c9100ac348a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58066 – clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check
https://notcve.org/view.php?id=CVE-2024-58066
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check The devm_kzalloc() function doesn't return error pointers, it returns NULL on error. Update the check to match. In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check The devm_kzalloc() function doesn't return error pointers, it returns NULL on error. Update the check to match. • https://git.kernel.org/stable/c/a89233dbd4df521094caa0dbcd03338259f8ead6 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-58065 – clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check
https://notcve.org/view.php?id=CVE-2024-58065
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check. In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check The devm_kzalloc() function returns NULL on error, not error pointers. Fix the check. • https://git.kernel.org/stable/c/51ce5591927389985451c0875f576701664f0a38 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58064 – wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap()
https://notcve.org/view.php?id=CVE-2024-58064
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for ies. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dereferencing it without NULL chec... • https://git.kernel.org/stable/c/45d43937a44c806b8649323b8f5d9f42ae838b0e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-58063 – wifi: rtlwifi: fix memory leaks and invalid access at probe error path
https://notcve.org/view.php?id=CVE-2024-58063
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When init_sw_vars fails, rtl_deinit_core should not be called, specially now that it destroys the rtl_wq workqueue. And call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be leaked. Remove pci_set_drvdata call as it will already be cleaned up by the core driver code and could lead to memory leaks too. cf. commit... • https://git.kernel.org/stable/c/0c8173385e549f95cd80c3fff5aab87b4f881d8d •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-58062 – wifi: iwlwifi: mvm: avoid NULL pointer dereference
https://notcve.org/view.php?id=CVE-2024-58062
06 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid (in other words - that the link exists) before dereferncing it. Use for_each_vif_active_link that also does the check. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that th... • https://git.kernel.org/stable/c/2b7ee1a10a72ef8f3df621133ac04e80e8214037 •