CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46736 – smb: client: fix double put of @cfile in smb2_rename_path()
https://notcve.org/view.php?id=CVE-2024-46736
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as the reference of @cfile was already dropped by previous smb2_compound_op() call. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @c... • https://git.kernel.org/stable/c/1e60bc0e954389af82f1d9a85f13a63f6572350f •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46735 – ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()
https://notcve.org/view.php?id=CVE-2024-46735
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() When two UBLK_CMD_START_USER_RECOVERY commands are submitted, the first one sets 'ubq->ubq_daemon' to NULL, and the second one triggers WARN in ublk_queue_reinit() and subsequently a NULL pointer dereference issue. Fix it by adding the check in ublk_ctrl_start_recovery() and return immediately in case of zero 'ub->nr_queues_ready'. BUG: kernel NULL pointer dereference, add... • https://git.kernel.org/stable/c/c732a852b419fa057b53657e2daaf9433940391c •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46734 – btrfs: fix race between direct IO write and fsync when using same fd
https://notcve.org/view.php?id=CVE-2024-46734
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we can end up either: 1) Attempt a fsync without holding the inode's lock, triggering an assertion failures when assertions are enabled; 2) Do an invalid memory access from the fsync task because the file private points... • https://git.kernel.org/stable/c/4e17707035a65f6e5b2a4d987a308cf8ed8c5ad1 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46733 – btrfs: fix qgroup reserve leaks in cow_file_range
https://notcve.org/view.php?id=CVE-2024-46733
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any errors that occur before the ordered_extent is created must free that reservation, or else the space is leaked. The fstest generic/475 exercises various IO error paths, and is able to trigger errors in cow_file_range where we fail to get to allocating the ordered extent. Note... • https://git.kernel.org/stable/c/e42ef22bc10f0309c0c65d8d6ca8b4127a674b7f •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-46732 – drm/amd/display: Assign linear_pitch_alignment even for VM
https://notcve.org/view.php?id=CVE-2024-46732
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedi... • https://git.kernel.org/stable/c/4bd7710f2fecfc5fb2dda1ca2adc69db8a66b8b6 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46731 – drm/amd/pm: fix the Out-of-bounds read warning
https://notcve.org/view.php?id=CVE-2024-46731
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the devi... • https://git.kernel.org/stable/c/38e32a0d837443c91c4b615a067b976cfb925376 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46730 – drm/amd/display: Ensure array index tg_inst won't be -1
https://notcve.org/view.php?id=CVE-2024-46730
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tg_inst won't be -1 [WHY & HOW] tg_inst will be a negative if timing_generator_count equals 0, which should be checked before used. This fixes 2 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure array index tg_inst won't be -1 [WHY & HOW] tg_inst will be a negative if timing_generator_count equals 0, which should be checked bef... • https://git.kernel.org/stable/c/a64284b9e1999ad5580debced4bc6d6adb28aad4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46729 – drm/amd/display: Fix incorrect size calculation for loop
https://notcve.org/view.php?id=CVE-2024-46729
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is lager than the array size. [HOW] Divide byte size 20 by its element size. This fixes 2 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte... • https://git.kernel.org/stable/c/712be65b3b372a82bff0865b9c090147764bf1c4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46728 – drm/amd/display: Check index for aux_rd_interval before using
https://notcve.org/view.php?id=CVE-2024-46728
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for aux_rd_interval before using aux_rd_interval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity. Ubuntu Security Notice 7154-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/48e0b68e2360b16edf2a0bae05c0051c00fbb48a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46727 – drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update
https://notcve.org/view.php?id=CVE-2024-46727
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why] Coverity reports NULL_RETURN warning. [How] Add otg_master NULL check. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why] Coverity reports NULL_RETURN warning. [How] Add otg_master NULL check. Ubuntu Security Notice 7156-1 - Chenyuan Yang discover... • https://git.kernel.org/stable/c/aad4d3d3d3b6a362bf5db11e1f28c4a60620900d •