CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2024-56708 – EDAC/igen6: Avoid segmentation fault on module unload
https://notcve.org/view.php?id=CVE-2024-56708
In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unload The segmentation fault happens because: During modprobe: 1. In igen6_probe(), igen6_pvt will be allocated with kzalloc() 2. In igen6_register_mci(), mci->pvt_info will point to &igen6_pvt->imc[mc] During rmmod: 1. In mci_release() in edac_mc.c, it will kfree(mci->pvt_info) 2. In igen6_remove(), it will kfree(igen6_pvt); Fix this issue by setting mci->pvt_info to NULL to avoid the double kfree. • https://git.kernel.org/stable/c/10590a9d4f23e0a519730d79d39331df60ad2079 https://git.kernel.org/stable/c/029ac07bb92d2f7502d47a4916f197a8445d83bf https://git.kernel.org/stable/c/2a80e710bbc088a2511c159ee4d910456c5f0832 https://git.kernel.org/stable/c/830cabb61113d92a425dd3038ccedbdfb3c8d079 https://git.kernel.org/stable/c/e5c7052664b61f9e2f896702d20552707d0ef60a https://git.kernel.org/stable/c/db60326f2c47b079e36785ace621eb3002db2088 https://git.kernel.org/stable/c/fefaae90398d38a1100ccd73b46ab55ff4610fba •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2024-56705 – media: atomisp: Add check for rgby_data memory allocation failure
https://notcve.org/view.php?id=CVE-2024-56705
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Add check for rgby_data memory allocation failure In ia_css_3a_statistics_allocate(), there is no check on the allocation result of the rgby_data memory. If rgby_data is not successfully allocated, it may trigger the assert(host_stats->rgby_data) assertion in ia_css_s3a_hmem_decode(). Adding a check to fix this potential issue. • https://git.kernel.org/stable/c/a49d25364dfb9f8a64037488a39ab1f56c5fa419 https://git.kernel.org/stable/c/0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a https://git.kernel.org/stable/c/4676e50444046b498555b849e6080a5c78cdda9b https://git.kernel.org/stable/c/02a97d9d7ff605fa4a1f908d1bd3ad8573234b61 https://git.kernel.org/stable/c/8066badaf7463194473fb4be19dbe50b11969aa0 https://git.kernel.org/stable/c/74aa783682c4d78c69d87898e40c78df1fec204e https://git.kernel.org/stable/c/0c25ab93f2878cab07d37ca5afd302283201e5af https://git.kernel.org/stable/c/ed61c59139509f76d3592683c90dc3fdc •
CVSS: -EPSS: %CPEs: 9EXPL: 0CVE-2024-56704 – 9p/xen: fix release of IRQ
https://notcve.org/view.php?id=CVE-2024-56704
In the Linux kernel, the following vulnerability has been resolved: 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. [Dominique: remove confusing variable reset to 0] • https://git.kernel.org/stable/c/71ebd71921e451f0f942ddfe85d01e31ddc6eb88 https://git.kernel.org/stable/c/692eb06703afc3e24d889d77e94a0e20229f6a4a https://git.kernel.org/stable/c/d74b4b297097bd361b8a9abfde9b521ff464ea9c https://git.kernel.org/stable/c/7f5a2ed5c1810661e6b03f5a4ebf17682cdea850 https://git.kernel.org/stable/c/4950408793b118cb8075bcee1f033b543fb719fa https://git.kernel.org/stable/c/b9e26059664bd9ebc64a0e8f5216266fc9f84265 https://git.kernel.org/stable/c/2bb3ee1bf237557daea1d58007d2e1d4a6502ccf https://git.kernel.org/stable/c/d888f5f5d76b2722c267e6bdf51d445d6 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2024-56703 – ipv6: Fix soft lockups in fib6_select_path under high next hop churn
https://notcve.org/view.php?id=CVE-2024-56703
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the `bird` service, these routers continuously update BGP-advertised routes due to frequently changing nexthop destinations, while also managing significant IPv6 traffic. The lockups occur during the traversal of the multipath circular linked-list in the `fib6_select_path` function, particularly while iterating through the siblings in the list. The issue typically arises when the nodes of the linked list are unexpectedly deleted concurrently on a different core—indicated by their 'next' and 'previous' elements pointing back to the node itself and their reference count dropping to zero. This results in an infinite loop, leading to a soft lockup that triggers a system panic via the watchdog timer. Apply RCU primitives in the problematic code sections to resolve the issue. • https://git.kernel.org/stable/c/66f5d6ce53e665477d2a33e8f539d4fa4ca81c83 https://git.kernel.org/stable/c/11edcd026012ac18acee0f1514db3ed1b160fc6f https://git.kernel.org/stable/c/34a949e7a0869dfa31a40416d2a56973fae1807b https://git.kernel.org/stable/c/d9ccb18f83ea2bb654289b6ecf014fd267cc988b •
CVSS: -EPSS: %CPEs: 7EXPL: 0CVE-2024-56701 – powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore
https://notcve.org/view.php?id=CVE-2024-56701
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore The dtl_access_lock needs to be a rw_sempahore, a sleeping lock, because the code calls kmalloc() while holding it, which can sleep: # echo 1 > /proc/powerpc/vcpudispatch_stats BUG: sleeping function called from invalid context at include/linux/sched/mm.h:337 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 199, name: sh preempt_count: 1, expected: 0 3 locks held by sh/199: #0: c00000000a0743f8 (sb_writers#3){.+.+}-{0:0}, at: vfs_write+0x324/0x438 #1: c0000000028c7058 (dtl_enable_mutex){+.+.}-{3:3}, at: vcpudispatch_stats_write+0xd4/0x5f4 #2: c0000000028c70b8 (dtl_access_lock){+.+.}-{2:2}, at: vcpudispatch_stats_write+0x220/0x5f4 CPU: 0 PID: 199 Comm: sh Not tainted 6.10.0-rc4 #152 Hardware name: IBM pSeries (emulated by qemu) POWER9 (raw) 0x4e1202 0xf000005 of:SLOF,HEAD hv:linux,kvm pSeries Call Trace: dump_stack_lvl+0x130/0x148 (unreliable) __might_resched+0x174/0x410 kmem_cache_alloc_noprof+0x340/0x3d0 alloc_dtl_buffers+0x124/0x1ac vcpudispatch_stats_write+0x2a8/0x5f4 proc_reg_write+0xf4/0x150 vfs_write+0xfc/0x438 ksys_write+0x88/0x148 system_call_exception+0x1c4/0x5a0 system_call_common+0xf4/0x258 • https://git.kernel.org/stable/c/06220d78f24a20549757be1014e57c382406cc92 https://git.kernel.org/stable/c/6956c0e7346ce1bbfc726755aa8da10d26e84276 https://git.kernel.org/stable/c/f6ec133668757f84e5143f1eb141fd0b83778b9e https://git.kernel.org/stable/c/fa5b5ea257135e771b489c83a2e93b5935d0108e https://git.kernel.org/stable/c/a246daa26b717e755ccc9061f47f7cd1c0b358dd https://git.kernel.org/stable/c/b125d0cf1adde7b2b47d7337fed7e9133eea3463 https://git.kernel.org/stable/c/525e18f1ba7c2b098c8ba587fb397efb34a6574c https://git.kernel.org/stable/c/cadae3a45d23aa4f6485938a67cbc47aa •