CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35942 – pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain
https://notcve.org/view.php?id=CVE-2024-35942
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is disabled before HDMI/LCDIF probe, LCDIF will not get pixel clock from HDMI PHY and print the error logs: [CRTC:39:crtc-2] vblank wait timed out WARNING: CPU: 2 PID: 9 at drivers/gpu/drm/drm_atomic_helper.c:1634 drm_a... • https://git.kernel.org/stable/c/9d3f959b426635c4da50dfc7b1306afd84d23e7c •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35940 – pstore/zone: Add a null pointer check to the psz_kmsg_read
https://notcve.org/view.php?id=CVE-2024-35940
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the psz_kmsg_read kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: pstore/zone: agregue una verificación de puntero null a psz_kmsg_read kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NU... • https://git.kernel.org/stable/c/98e2b97acb875d65bdfc75fc408e67975cef3041 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35939 – dma-direct: Leak pages on dma_set_decrypted() failure
https://notcve.org/view.php?id=CVE-2024-35939
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues. DMA could free decrypted/shared pages if ... • https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9 •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35937 – wifi: cfg80211: check A-MSDU format more carefully
https://notcve.org/view.php?id=CVE-2024-35937
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's another subframe in the A-MSDU but the header isn't fully there, we can end up reading data out of bounds, only to discard later. Make this a bit more careful and check if the subframe header can even be present. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: wifi: cfg80211: comprueba más detenidamente el formato A-MSDU Si parece que hay otra su... • https://git.kernel.org/stable/c/9eb3bc0973d084423a6df21cf2c74692ff05647e •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35936 – btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
https://notcve.org/view.php?id=CVE-2024-35936
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is set up to look for a chunk tree item, with offset -1, this is an inexact search and the key->offset will contain the correct offset upon a successful search, a valid chunk tree item cannot have an offset -1 ... • https://git.kernel.org/stable/c/bebd9e0ff90034875c5dfe4bd514fd7055fc7a89 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35935 – btrfs: send: handle path ref underflow in header iterate_inode_ref()
https://notcve.org/view.php?id=CVE-2024-35935
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel addresses. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: enviar: manejar el desbordamiento de la referencia de ruta en el encabezado iterate_inode_ref() Cambie BUG_ON al manejo adecuado de errores si falla... • https://git.kernel.org/stable/c/be2b6bcc936ae17f42fff6494106a5660b35d8d3 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-35934 – net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
https://notcve.org/view.php?id=CVE-2024-35934
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() Many syzbot reports show extreme rtnl pressure, and many of them hint that smc acquires rtnl in netns creation for no good reason [1] This patch returns early from smc_pnet_net_init() if there is no netdevice yet. I am not even sure why smc_pnet_create_pnetids_list() even exists, because smc_pnet_netdev_event() is also calling smc_pnet_add_base_pnetid() when handling NETDEV... • https://git.kernel.org/stable/c/bc4d1ebca11b4f194e262326bd45938e857c59d2 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-35933 – Bluetooth: btintel: Fix null ptr deref in btintel_read_version
https://notcve.org/view.php?id=CVE-2024-35933
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: btintel: corrija el ptr deref nulo en btintel_read_version Si se activa hci_cmd_sync_complete() y skb es NULL, entonces hdev->req_skb es NULL, lo que causará este problema. • https://git.kernel.org/stable/c/ec2049fb2b8be3e108fe2ef1f1040f91e72c9990 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35932 – drm/vc4: don't check if plane->state->fb == state->fb
https://notcve.org/view.php?id=CVE-2024-35932
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underflow; use-after-free. [ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0 [ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_ha... • https://git.kernel.org/stable/c/48bfb4b03c5ff6e1fa1dc73fb915e150b0968c40 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35931 – drm/amdgpu: Skip do PCI error slot reset during RAS recovery
https://notcve.org/view.php?id=CVE-2024-35931
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to UMC multi times, this caused system hang. [ 557.371857] amdgpu 0000:af:00.0: amdgpu: GPU reset succeeded, trying to resume [ 557.373718] [drm] PCIE GART of 512M enabled. [ 557.373722] [drm] PTB located at 0x0000031FED700000 [ 557.373788] [drm] VRAM is lost due to GPU reset! [ 557.37... • https://git.kernel.org/stable/c/395ca1031acf89d8ecb26127c544a71688d96f35 •