CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50212 – lib: alloc_tag_module_unload must wait for pending kfree_rcu calls
https://notcve.org/view.php?id=CVE-2024-50212
09 Nov 2024 — [akpm@linux-foundation.org: add comment] In the Linux kernel, the following vulnerability has been resolved: lib: alloc_tag_module_unload must wait for pending kfree_rcu calls Ben Greear reports following splat: ------------[ cut here ]------------ net/netfilter/nf_nat_core.c:1114 module nf_nat func:nf_nat_register_fn has 256 allocated at module unload WARNING: CPU: 1 PID: 10421 at lib/alloc_tag.c:168 alloc_tag_module_unload+0x22b/0x3f0 Modules linked in: nf_nat(-) btrfs ufs qnx4 hfsplus hfs m... • https://git.kernel.org/stable/c/a473573964e51dcb6efc182f773cd3924be4a184 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50211 – udf: refactor inode_bmap() to handle error
https://notcve.org/view.php?id=CVE-2024-50211
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. ... In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. • https://git.kernel.org/stable/c/493447dd8336607fce426f7879e581095f6c606e •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50210 – posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()
https://notcve.org/view.php?id=CVE-2024-50210
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the lock to make the lock balance and fput the clockid's fd to make the refcount balance and release the fd related resource. ... [pabeni@redhat.com: fixed commit message typo] In the Linux kernel, the following vulnerabilit... • https://git.kernel.org/stable/c/673a1c5a2998acbd429d6286e6cad10f17f4f073 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50209 – RDMA/bnxt_re: Add a check for memory allocation
https://notcve.org/view.php?id=CVE-2024-50209
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances. In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. • https://git.kernel.org/stable/c/0c4dcd602817502bb3dced7a834a13ef717d65a4 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50208 – RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
https://notcve.org/view.php?id=CVE-2024-50208
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. ... In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. • https://git.kernel.org/stable/c/0c4dcd602817502bb3dced7a834a13ef717d65a4 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50207 – ring-buffer: Fix reader locking when changing the sub buffer order
https://notcve.org/view.php?id=CVE-2024-50207
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subbuf_order_set() updates each ring_buffer_per_cpu and installs new sub buffers that match the requested page order. In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subbuf_order_set() updates each ring_buffer_per_cpu and inst... • https://git.kernel.org/stable/c/8e7b58c27b3c567316a51079b375b846f9223bba •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50206 – net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init
https://notcve.org/view.php?id=CVE-2024-50206
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers m... • https://git.kernel.org/stable/c/c57e558194430d10d5e5f4acd8a8655b68dade13 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50205 – ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()
https://notcve.org/view.php?id=CVE-2024-50205
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. ... Found by Linux Verification Center (linuxtesting.org) with SVACE. Found by Linux Verification Center (linuxtesting... • https://git.kernel.org/stable/c/826b5de90c0bca4e9de6231da9e1730480621588 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50204 – fs: don't try and remove empty rbtree node
https://notcve.org/view.php?id=CVE-2024-50204
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: fs: don't try and remove empty rbtree node When copying a namespace we won't have added the new copy into the namespace rbtree until after the copy succeeded. ... In the Linux kernel, the following vulnerability has been resolved: fs: don't try and remove empty rbtree node When copying a namespace we won't have added the new copy into the namespace rbtree until after the copy succeeded. • https://git.kernel.org/stable/c/1901c92497bd90caf608a474f1bf4d8795b372a2 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50203 – bpf, arm64: Fix address emission with tag-based KASAN enabled
https://notcve.org/view.php?id=CVE-2024-50203
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the... • https://git.kernel.org/stable/c/19d3c179a37730caf600a97fed3794feac2b197b •