CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50112 – x86/lam: Disable ADDRESS_MASKING in most cases
https://notcve.org/view.php?id=CVE-2024-50112
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as described in the SLAM paper[1]. ... There are no processors in market that support LAM yet, so currently nobody is affected by this issue. [1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf [2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ [ dhansen: update... • https://git.kernel.org/stable/c/60a5ba560f296ad8da153f6ad3f70030bfa3958f •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50111 – LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
https://notcve.org/view.php?id=CVE-2024-50111
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause sleep. In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as us... • https://git.kernel.org/stable/c/fa96b57c149061f71a70bd6582d995f6424fbbf4 •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50110 – xfrm: fix one more kernel-infoleak in algo dumping
https://notcve.org/view.php?id=CVE-2024-50110
05 Nov 2024 — A similar issue was resolved in the commit 8222d5910dae ("xfrm: Zero padding when dumping algos and encap") Found by Linux Verification Center (linuxtesting.org) with Syzkaller. A similar issue was resolved in the commit 8222d5910dae ("xfrm: Zero padding when dumping algos and encap") Found by Linux Verification Center (linuxtesting.org) with Syzkaller. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm: corrige una fuga de información del kernel más en el volcado d... • https://git.kernel.org/stable/c/c7a5899eb26e2a4d516d53f65b6dd67be2228041 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50109 – md/raid10: fix null ptr dereference in raid10_size()
https://notcve.org/view.php?id=CVE-2024-50109
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is set to zero, and if following procedures failed raid10_run() will return zero while mddev->private is still NULL, causing null ptr dereference in raid10_size(). In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if ra... • https://git.kernel.org/stable/c/3d8466ba68d444f5528dcbff106e8bf5c7d51aa0 •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50108 – drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too
https://notcve.org/view.php?id=CVE-2024-50108
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING [1] traces when calling dmub_psr_enable() with Parade 08-01 TCON. ... (cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Deshabili... • https://git.kernel.org/stable/c/5660bcc4dd533005248577d5042f1c48cce2b443 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50107 – platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses
https://notcve.org/view.php?id=CVE-2024-50107
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap() address range checks") introduces a WARN when adrress ranges of iounmap are invalid. ... __pfx_init_module_from_file+0x10/0 ---truncated--- En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: platform/x86/intel/pmc: Corregir pmc_core_iounmap para llamar a iounmap para direcciones ... • https://git.kernel.org/stable/c/a01486dc4bb17de976c6d0a4b1ad5f8106525dfb •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50106 – nfsd: fix race between laundromat and free_stateid
https://notcve.org/view.php?id=CVE-2024-50106
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. ... En el kernel de Linux, se... • https://git.kernel.org/stable/c/83e733161fde43e2f99cefa68e369944460fce39 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50105 – ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc
https://notcve.org/view.php?id=CVE-2024-50105
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") moved the allocation of Soundwire stream runtime from the Qualcomm Soundwire driver to each individual machine sound card driver, except that it forgot to update SC7280 card. In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundw... • https://git.kernel.org/stable/c/15c7fab0e0477d7d7185eac574ca43c15b59b015 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50104 – ASoC: qcom: sdm845: add missing soundwire runtime stream alloc
https://notcve.org/view.php?id=CVE-2024-50104
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845 soundcard was forgotten. ... <-- offset 0x44 ^^^ This is 0x6108 + offset 0x44 from the beginning of sdw_stream_add_slave() where data abort happens. wsa881x_hw_params() is called with stream = NULL and passes it further in register x4 (5... • https://git.kernel.org/stable/c/15c7fab0e0477d7d7185eac574ca43c15b59b015 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50103 – ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()
https://notcve.org/view.php?id=CVE-2024-50103
05 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could possibly return NULL pointer. In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could possibly return NULL pointer. ... En el kernel de Linux