CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56532 – ALSA: us122l: Use snd_card_free_when_closed() at disconnection
https://notcve.org/view.php?id=CVE-2024-56532
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). ... • https://git.kernel.org/stable/c/030a07e441296c372f946cd4065b5d831d8dc40c •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56531 – ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
https://notcve.org/view.php?id=CVE-2024-56531
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the close of all used fds, hence it can take long. It eventually blocks the upper layer USB ioctls, which may trigger a soft lockup. An easy workaround is to replace snd_card_free() with snd_card_free_when_closed(). T... • https://git.kernel.org/stable/c/523f1dce37434a9a6623bf46e7893e2b4b10ac3c •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53239 – ALSA: 6fire: Release resources at card release
https://notcve.org/view.php?id=CVE-2024-53239
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6fire_chip_abort(). But at this moment, the card object might be still in use (as we're calling snd_card_free_when_closed()). For avoid potential UAFs, move the release of resources to the card's private_free instead of the manual call of usb6fire_chip_destroy() at the USB disconnect callback. • https://git.kernel.org/stable/c/c6d43ba816d1cf1d125bfbfc938f2a28a87facf9 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53227 – scsi: bfa: Fix use-after-free in bfad_im_module_exit()
https://notcve.org/view.php?id=CVE-2024-53227
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace:
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53224 – RDMA/mlx5: Move events notifier registration to be after device registration
https://notcve.org/view.php?id=CVE-2024-53224
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events. Fix a race between the device deregistration and pkey change work by moving MLX5_IB_STAGE_DEVICE_NOTIFIER to be after MLX5_IB_STAGE_IB_REG in order to ensure that the notifier is deregistered before the device du... • https://git.kernel.org/stable/c/7722f47e71e58592a2ba4437d27c802ba1c64e08 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53217 – NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
https://notcve.org/view.php?id=CVE-2024-53217
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() will try to dereference @ses and segfault. • https://git.kernel.org/stable/c/dcbeaa68dbbdacbbb330a86c7fc95a28473fc209 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53214 – vfio/pci: Properly hide first-in-list PCIe extended capability
https://notcve.org/view.php?id=CVE-2024-53214
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hide first-in-list PCIe extended capability There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability (i.e., capability with ID greater than PCI_EXT_CAP_ID_MAX) or a capability that is intentionally chosen to be hidden from the user. Hiding a capability is done by virtualizing and modifying the 'Next Capability Offset' field of the previous capability so it poin... • https://git.kernel.org/stable/c/89e1f7d4c66d85f42c3d52ea3866eb10cadf6153 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-53210 – s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()
https://notcve.org/view.php?id=CVE-2024-53210
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decrement skb refcount at exit. This results in skb memory leak in skb_queue_purge() and WARN_ON in iucv_sock_destruct() during socket close. To fix this decrease skb refcount by one if MSG_PEEK is set in order to prevent memory leak and WARN_ON. WARNING: CPU: 2 ... • https://git.kernel.org/stable/c/eac3731bd04c7131478722a3c148b78774553116 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53198 – xen: Fix the issue of resource not being properly released in xenbus_dev_probe()
https://notcve.org/view.php?id=CVE-2024-53198
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() This patch fixes an issue in the function xenbus_dev_probe(). In the xenbus_dev_probe() function, within the if (err) branch at line 313, the program incorrectly returns err directly without releasing the resources allocated by err = drv->probe(dev, id). As the return value is non-zero, the upper layers assume the processing logic has failed. However, the pro... • https://git.kernel.org/stable/c/4bac07c993d03434ea902d3d4290d9e45944b66c •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53197 – ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
https://notcve.org/view.php?id=CVE-2024-53197
27 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration. • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •