CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2022-49035 – media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
https://notcve.org/view.php?id=CVE-2022-49035
02 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. • https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56756 – nvme-pci: fix freeing of the HMB descriptor table
https://notcve.org/view.php?id=CVE-2024-56756
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the loop earlier on memory allocation failure and end up using less descriptors than planned for, which leads to an incorrect size passed to dma_free_coherent. In practice this was not showing up because the number of descriptors tends ... • https://git.kernel.org/stable/c/87ad72a59a38d1df217cfd95bc222a2edfe5d399 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56754 – crypto: caam - Fix the pointer passed to caam_qi_shutdown()
https://notcve.org/view.php?id=CVE-2024-56754
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Fix the pointer passed to caam_qi_shutdown() The type of the last parameter given to devm_add_action_or_reset() is "struct caam_drv_private *", but in caam_qi_shutdown(), it is casted to "struct device *". Pass the correct parameter to devm_add_action_or_reset() so that the resources are released as expected. • https://git.kernel.org/stable/c/f414de2e2fffd89c8a4e5b5e06b0eba5f9d8b1eb •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-56751 – ipv6: release nexthop on device removal
https://notcve.org/view.php?id=CVE-2024-56751
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6 ref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at dst_init+0x84/0x4a0 dst_alloc+0x97/0x150 ip6_dst_alloc+0x23/0x90 ip6_rt_pcpu_alloc+0x1e6/0x520 ip6_pol_route+0x56f/0x840 fib6_rule_lookup+0x334/0x630 ip6_route_output_flags... • https://git.kernel.org/stable/c/f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-56748 – scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
https://notcve.org/view.php?id=CVE-2024-56748
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). • https://git.kernel.org/stable/c/61d8658b4a435eac729966cc94cdda077a8df5cd •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56747 – scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
https://notcve.org/view.php?id=CVE-2024-56747
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). • https://git.kernel.org/stable/c/ace7f46ba5fde7273207c7122b0650ceb72510e0 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56746 – fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
https://notcve.org/view.php?id=CVE-2024-56746
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead. • https://git.kernel.org/stable/c/4a25e41831ee851c1365d8b41decc22493b18e6d •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-56745 – PCI: Fix reset_method_store() memory leak
https://notcve.org/view.php?id=CVE-2024-56745
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assigned to the local "options". options is then used in with strsep() to find spaces: while ((name = strsep(&options, " ")) != NULL) { If there are no remaining spaces, then options is set to NULL by strsep(), so the subsequent kfree(options) doesn't free the memory allocated via kstrndup(). Fix by using a separate tmp_options... • https://git.kernel.org/stable/c/d88f521da3efd698e36d0d504a2abba6ac4f5ef8 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-56741 – apparmor: test: Fix memory leak for aa_unpack_strdup()
https://notcve.org/view.php?id=CVE-2024-56741
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm "kunit_try_catch", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_a... • https://git.kernel.org/stable/c/4d944bcd4e731ab7bfe8d01a7041ea0ebdc090f1 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-56739 – rtc: check if __rtc_read_time was successful in rtc_timer_do_work()
https://notcve.org/view.php?id=CVE-2024-56739
29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup. • https://git.kernel.org/stable/c/6610e0893b8bc6f59b14fed7f089c5997f035f88 •