CVE-2024-46865 – fou: fix initialization of grc
https://notcve.org/view.php?id=CVE-2024-46865
In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized. • https://git.kernel.org/stable/c/231c235d2f7a66f018f172e26ffd47c363f244ef https://git.kernel.org/stable/c/4494bccb52ffda22ce5a1163a776d970e6229e08 https://git.kernel.org/stable/c/d7567f098f54cb53ee3cee1c82e3d0ed9698b6b3 https://git.kernel.org/stable/c/1df42be305fe478ded1ee0c1d775f4ece713483b https://git.kernel.org/stable/c/c46cd6aaca81040deaea3500ba75126963294bd9 https://git.kernel.org/stable/c/392f6a97fcbecc64f0c00058b2db5bb0e4b8cc3e https://git.kernel.org/stable/c/16ff0895283058b0f96d4fe277aa25ee096f0ea8 https://git.kernel.org/stable/c/5d537b8d900514509622ce92330b70d2e •
CVE-2024-46864 – x86/hyperv: fix kexec crash due to VP assist page corruption
https://notcve.org/view.php?id=CVE-2024-46864
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline") introduces a new cpuhp state for hyperv initialization. cpuhp_setup_state() returns the state number if state is CPUHP_AP_ONLINE_DYN or CPUHP_BP_PREPARE_DYN and 0 for all other states. For the hyperv case, since a new cpuhp state was introduced it would return 0. However, in hv_machine_shutdown(), the cpuhp_remove_state() call is conditioned upon "hyperv_init_cpuhp > 0". This will never be true and so hv_cpu_die() won't be called on all CPUs. This means the VP assist page won't be reset. When the kexec kernel tries to setup the VP assist page again, the hypervisor corrupts the memory region of the old VP assist page causing a panic in case the kexec kernel is using that memory elsewhere. This was originally fixed in commit dfe94d4086e4 ("x86/hyperv: Fix kexec panic/hang issues"). Get rid of hyperv_init_cpuhp entirely since we are no longer using a dynamic cpuhp state and use CPUHP_AP_HYPERV_ONLINE directly with cpuhp_remove_state(). • https://git.kernel.org/stable/c/9636be85cc5bdd8b7a7f6a53405cbcc52161c93c https://git.kernel.org/stable/c/2ae1beb3ab4f28868cc5d1541d05e1fbee3ad825 https://git.kernel.org/stable/c/d6f018a3b49d0a94ddbd0e479c2af6b19724e434 https://git.kernel.org/stable/c/b9af6418279c4cf73ca073f8ea024992b38be8ab •
CVE-2024-46863 – ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item
https://notcve.org/view.php?id=CVE-2024-46863
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required. • https://git.kernel.org/stable/c/dd3bd9dc47084195fcb3c1b371cb03046abb13ab https://git.kernel.org/stable/c/8eb57389d8ad91c67bf844f5aae4caef74b9091b https://git.kernel.org/stable/c/c4246f1fe9f24f8dcd97887ed67d8fcfd91f4796 •
CVE-2024-46862 – ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item
https://notcve.org/view.php?id=CVE-2024-46862
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required. • https://git.kernel.org/stable/c/f77ae7fcdc47630eb7653983f3c57ac44103aebc https://git.kernel.org/stable/c/01281a9e8275946aa725db0919769b8d35af3a11 https://git.kernel.org/stable/c/bf6d7a44a144aa9c476dee83c23faf3151181bab •
CVE-2024-46861 – usbnet: ipheth: do not stop RX on failing RX callback
https://notcve.org/view.php?id=CVE-2024-46861
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: * Payload too short * Payload formatted incorrecly (e.g. bad NCM framing) * Lack of memory None of these should cause the driver to seize up. Make such failures non-critical and continue processing further incoming URBs. • https://git.kernel.org/stable/c/4d1cfa3afb8627435744ecdc6d8b58bc72ee0f4c https://git.kernel.org/stable/c/08ca800b0cd56d5e26722f68b18bbbf6840bf44b https://git.kernel.org/stable/c/74efed51e0a4d62f998f806c307778b47fc73395 •