CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-56780 – quota: flush quota_release_work upon quota writeback
https://notcve.org/view.php?id=CVE-2024-56780
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: quota: flush quota_release_work upon quota writeback One of the paths quota writeback is called from is: freeze_super() sync_filesystem() ext4_sync_fs() dquot_writeback_dquots() Since we currently don't always flush the quota_release_work queue in this path, we can end up with the following race: 1. dquot are added to releasing_dquots list during regular operations. 2. FS Freeze starts, however, this does not flush the quota_release_work qu... • https://git.kernel.org/stable/c/d40c192e119892799dd4ddf94f5cea6fa93775ef •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56779 – nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
https://notcve.org/view.php?id=CVE-2024-56779
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_task even umount operation may ultimately fail if some files remain open. Consequently, if an action attempts to open a file, it can potentially send two rpc_task to nfs server. NFS CLIENT thread1 thread2 open("file") ... nfs4_do_open _nfs4_do_open _nfs4_open_and_get_state _nfs4_proc_open nfs4_run_open_task /* rpc_t... • https://git.kernel.org/stable/c/a85364f0d30dee01c5d5b4afa55a9629a8f36d8e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56778 – drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56778
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid ... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56777 – drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
https://notcve.org/view.php?id=CVE-2024-56777
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use ... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56776 – drm/sti: avoid potential dereference of error pointers
https://notcve.org/view.php?id=CVE-2024-56776
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the failure. In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drm_atomic_get_crtc_state() needs to be checked. To avoid use of error pointer 'crtc_state' in case of the fai... • https://git.kernel.org/stable/c/dd86dc2f9ae1102f46115be1f1422265c15540f1 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56775 – drm/amd/display: Fix handling of plane refcount
https://notcve.org/view.php?id=CVE-2024-56775
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix handling of plane refcount [Why] The mechanism to backup and restore plane states doesn't maintain refcount, which can cause issues if the refcount of the plane changes in between backup and restore operations, such as memory leaks if the refcount was supposed to go down, or double frees / invalid memory accesses if the refcount was supposed to go up. [How] Cache and re-apply current refcount when restoring plane states... • https://git.kernel.org/stable/c/8cb2f6793845f135b28361ba8e96901cae3e5790 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56774 – btrfs: add a sanity check for btrfs root in btrfs_search_slot()
https://notcve.org/view.php?id=CVE-2024-56774
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). The reproducer is using rescue=ibadroots, and the extent tree root is corrupted thus the extent tree is NULL. When scrub tries to search the extent tree to gather the needed extent info, btrfs_search_slot() doesn't check if the target root is NULL or not, resulting the null-ptr-deref. Add sanity check for btrfs root before... • https://git.kernel.org/stable/c/42437a6386ffeaaf200731e73d723ea491f3fe7d •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56773 – kunit: Fix potential null dereference in kunit_device_driver_test()
https://notcve.org/view.php?id=CVE-2024-56773
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunit_device_driver_test() kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a NULL check for test_state. In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunit_device_driver_test() kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL de... • https://git.kernel.org/stable/c/d03c720e03bd9bf0b784d80b5d3ede7e2daf3b6e •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56772 – kunit: string-stream: Fix a UAF bug in kunit_init_suite()
https://notcve.org/view.php?id=CVE-2024-56772
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: kunit: string-stream: Fix a UAF bug in kunit_init_suite() In kunit_debugfs_create_suite(), if alloc_string_stream() fails in the kunit_suite_for_each_test_case() loop, the "suite->log = stream" has assigned before, and the error path only free the suite->log's stream memory but not set it to NULL, so the later string_stream_clear() of suite->log in kunit_init_suite() will cause below UAF bug. Set stream pointer to NULL after free to fix it.... • https://git.kernel.org/stable/c/a3fdf784780ccb0008d630e8722d1389c49c7499 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56771 – mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information
https://notcve.org/view.php?id=CVE-2024-56771
08 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information These four chips: * W25N512GW * W25N01GW * W25N01JW * W25N02JW all require a single bit of ECC strength and thus feature an on-die Hamming-like ECC engine. There is no point in filling a ->get_status() callback for them because the main ECC status bytes are located in standard places, and retrieving the number of bitflips in case of corrected chunk is both useless and uns... • https://git.kernel.org/stable/c/6a804fb72de56d6a99b799f565ae45f2cec7cd55 •