CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50152 – smb: client: fix possible double free in smb2_set_ea()
https://notcve.org/view.php?id=CVE-2024-50152
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. • https://git.kernel.org/stable/c/433042a91f9373241307725b52de573933ffedbf •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50151 – smb: client: fix OOBs when building SMB2_IOCTL request
https://notcve.org/view.php?id=CVE-2024-50151
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryption into a single iov in smb2_set_next_command(). ... strncpy_from_user+0xaa/0x160 __x64_sys_symlinkat+0xb9/0xf0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f08d75c13bb En el kernel de Lin... • https://git.kernel.org/stable/c/e77fe73c7e38c36145825d84cfe385d400aba4fd •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50150 – usb: typec: altmode should keep reference to parent
https://notcve.org/view.php?id=CVE-2024-50150
07 Nov 2024 — __pfx_kthread+0x10/0x10 [ 46.625532] ret_from_fork_asm+0x1a/0x30 [ 46.625805] [ 46.625953] [ 46.626056] Allocated by task 678: [ 46.626287] kasan_save_stack+0x24/0x44 [ 46.626555] kasan_save_track+0x14/0x2d [ 46.626811] __kasan_kmalloc+0x3f/0x4d [ 46.627049] __kmalloc_noprof+0x1bf/0x1f0 [ 46.627362] typec_register_port+0x23/0x491 [ 46.627698] cros_typec_probe+0x634/0xbb6 [ 46.628026] platform_probe+0x47/0x8c [ 46.628311] really_probe+0x20a/0x47d [ 46.628605] device_driver_attach+0x39/0x72 [ 46.62894... • https://git.kernel.org/stable/c/8a37d87d72f0c69f837229c04d2fcd7117ea57e7 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50149 – drm/xe: Don't free job in TDR
https://notcve.org/view.php?id=CVE-2024-50149
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't free job in TDR Freeing job in TDR is not safe as TDR can pass the run_job thread resulting in UAF. ... (cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: No liberar trabajo en TDR Liberar trabajo en TDR no es seguro, ya que TDR puede pasar el subproceso run_job, lo que genera una UAF. ... (seleccionado de el commit ea2f6... • https://git.kernel.org/stable/c/e275d61c5f3ffc250b2a9601d36fbd11b4db774b • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50148 – Bluetooth: bnep: fix wild-memory-access in proto_unregister
https://notcve.org/view.php?id=CVE-2024-50148
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP: 0010:proto_unregister+0xee/0x400 Call Trace:
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50147 – net/mlx5: Fix command bitmask initialization
https://notcve.org/view.php?id=CVE-2024-50147
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. ... kthread_complete_and_exit+0x20/0x20 ret_from_fork_asm+0x11/0x20 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5: Arreglar la inicialización de la máscara de bits del comando La máscara de bit... • https://git.kernel.org/stable/c/9b98d395b85dd042fe83fb696b1ac02e6c93a520 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50146 – net/mlx5e: Don't call cleanup on profile rollback failure
https://notcve.org/view.php?id=CVE-2024-50146
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. ... lockdep_hardirqs_on_prepare+0xe2/0x190 [ 745.564825] do_syscall_64+0x6d/0x140 [ 745.565223] entry_SYSCALL_64_after_hwframe+0x4b/0x53 [ 745.565725] RIP: 0033:0x7f1579b1288b En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/mlx5e: No llamar a cl... • https://git.kernel.org/stable/c/3ef14e463f6ed0218710f56b97e1a7d0448784d2 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50145 – octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()
https://notcve.org/view.php?id=CVE-2024-50145
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx() to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so ha... • https://git.kernel.org/stable/c/37d79d0596062057f588bdbb2ebad5455a43d353 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50144 – drm/xe: fix unbalanced rpm put() with fence_fini()
https://notcve.org/view.php?id=CVE-2024-50144
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fence and return an error, leading to the caller also calling fini() on the error path in the case of stack version of the flow, which leads to an extra rpm put() which might later cause device to enter suspend when it shouldn't. ... • https://git.kernel.org/stable/c/f002702290fccbd473f5bb94e52f25c96917fff2 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50143 – udf: fix uninit-value use in udf_get_fileshortad
https://notcve.org/view.php?id=CVE-2024-50143
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch reproducer did not trigger any issue[2]. [1] https://syzkaller.appspot.com/bug?... x=10242227980000 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: udf: se corrige el uso de un valor no inicializado en udf_... • https://git.kernel.org/stable/c/5eb76fb98b3335aa5cca6a7db2e659561c79c32b •