CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53103 – hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
https://notcve.org/view.php?id=CVE-2024-53103
In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hv_sock: inicialización de vsk->trans en NULL para evitar un puntero colgante. Cuando se lanza hvs, existe la posibilidad de que vsk->trans no se inicialice en NULL, lo que podría provocar un puntero colgante. Este problema se resuelve inicializando vsk->trans en NULL. • https://git.kernel.org/stable/c/ae0078fcf0a5eb3a8623bfb5f988262e0911fdb9 https://git.kernel.org/stable/c/285266ef92f7b4bf7d26e1e95e215ce6a6badb4a https://git.kernel.org/stable/c/4fe1d42f2acc463b733bb42e3f8e67dbc2a0eb2d https://git.kernel.org/stable/c/414476c4fb11be070c09ab8f3e75c9ee324a108a https://git.kernel.org/stable/c/7cf25987820350cb950856c71b409e5b6eed52bd https://git.kernel.org/stable/c/98d8dde9232250a57ad5ef16479bf6a349e09b80 https://git.kernel.org/stable/c/4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497 https://git.kernel.org/stable/c/e0fe3392371293175f25028020ded5267 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53101 – fs: Fix uninitialized value issue in from_kuid and from_kgid
https://notcve.org/view.php?id=CVE-2024-53101
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0. • https://git.kernel.org/stable/c/a0c77e5e3dcbffc7c6080ccc89c037f0c86496cf https://git.kernel.org/stable/c/17ecb40c5cc7755a321fb6148cba5797431ee5b8 https://git.kernel.org/stable/c/9db25c2b41c34963c3ccf473b08171f87670652e https://git.kernel.org/stable/c/b3e612bd8f64ce62e731e95f635e06a2efe3c80c https://git.kernel.org/stable/c/5a72b0d3497b818d8f000c347a7c11801eb27bfc https://git.kernel.org/stable/c/1cb5bfc5bfc651982b6203c224d49b7ddacf28bc https://git.kernel.org/stable/c/1c28bca1256aecece6e94b26b85cd07e08b0dc90 https://git.kernel.org/stable/c/15f34347481648a567db67fb473c23bef •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-53100 – nvme: tcp: avoid race between queue_lock lock and destroy
https://notcve.org/view.php?id=CVE-2024-53100
In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->queue_lock in nvme_tcp_get_address(). However, the mutex_lock() races with mutex_destroy() in nvme_tcp_free_queue(), and causes the WARN below. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 34077 at kernel/locking/mutex.c:587 __mutex_lock+0xcf0/0x1220 Modules linked in: nvmet_tcp nvmet nvme_tcp nvme_fabrics iw_cm ib_cm ib_core pktcdvd nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables qrtr sunrpc ppdev 9pnet_virtio 9pnet pcspkr netfs parport_pc parport e1000 i2c_piix4 i2c_smbus loop fuse nfnetlink zram bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper xfs drm sym53c8xx floppy nvme scsi_transport_spi nvme_core nvme_auth serio_raw ata_generic pata_acpi dm_multipath qemu_fw_cfg [last unloaded: ib_uverbs] CPU: 3 UID: 0 PID: 34077 Comm: udisksd Not tainted 6.11.0-rc7 #319 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:__mutex_lock+0xcf0/0x1220 Code: 08 84 d2 0f 85 c8 04 00 00 8b 15 ef b6 c8 01 85 d2 0f 85 78 f4 ff ff 48 c7 c6 20 93 ee af 48 c7 c7 60 91 ee af e8 f0 a7 6d fd <0f> 0b e9 5e f4 ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 RSP: 0018:ffff88811305f760 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff88812c652058 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 RBP: ffff88811305f8b0 R08: 0000000000000001 R09: ffffed1075c36341 R10: ffff8883ae1b1a0b R11: 0000000000010498 R12: 0000000000000000 R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88812c652058 FS: 00007f9713ae4980(0000) GS:ffff8883ae180000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcd78483c7c CR3: 0000000122c38000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? __warn.cold+0x5b/0x1af ? __mutex_lock+0xcf0/0x1220 ? • https://git.kernel.org/stable/c/4f946479b326a3cbb193f2b8368aed9269514c35 https://git.kernel.org/stable/c/975cb1d2121511584695d0e47fdb90e6782da007 https://git.kernel.org/stable/c/e15cebc1b21856944b387f4abd03b66bd3d4f027 https://git.kernel.org/stable/c/782373ba27660ba7d330208cf5509ece6feb4545 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53099 – bpf: Check validity of link->type in bpf_link_show_fdinfo()
https://notcve.org/view.php?id=CVE-2024-53099
In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot such missed invocations early in the future, checking the validity of link->type in bpf_link_show_fdinfo() and emitting a warning when such invocations are missed. • https://git.kernel.org/stable/c/d5092b0a1aaf35d77ebd8d33384d7930bec5cb5d https://git.kernel.org/stable/c/b3eb1b6a9f745d6941b345f0fae014dc8bb06d36 https://git.kernel.org/stable/c/8421d4c8762bd022cb491f2f0f7019ef51b4f0a7 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53098 – drm/xe/ufence: Prefetch ufence addr to catch bogus address
https://notcve.org/view.php?id=CVE-2024-53098
In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address access_ok() only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. (cherry picked from commit 9408c4508483ffc60811e910a93d6425b8e63928) • https://git.kernel.org/stable/c/dd08ebf6c3525a7ea2186e636df064ea47281987 https://git.kernel.org/stable/c/5d623ffbae96b23f1fc43a3d5a267aabdb07583d https://git.kernel.org/stable/c/9c1813b3253480b30604c680026c7dc721ce86d1 •