6.3
CVE-2024-26830 - i40e: Do not allow untrusted VF to remove administratively set MAC
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not allow untrusted VF to remove administratively set MAC Currently when PF administratively sets VF's MAC address and the VF is put down (VF tries to delete all MACs) then the MAC is removed from MAC filters and primaryβ¦
7.3
CVE-2024-2961 - glibc: Out of bounds write in iconv may lead to remote code execution
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
5.5
CVE-2024-26904 - kernel: btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7
CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pktsβ¦
5.5
CVE-2024-26891 - iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could request a hot reset to the device by flapping device's link through β¦
4.4
CVE-2024-26874 - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip It's possible that mtk_crtc->event is NULL in mtk_drm_crtc_finish_page_flip(). pending_needs_vblank value is set by mtk_crtc->event, but in mtk_drm_crtc_atoβ¦
5.5
CVE-2024-26871 - f2fs: fix NULL pointer dereference in f2fs_submit_page_write()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix NULL pointer dereference in f2fs_submit_page_write() BUG: kernel NULL pointer dereference, address: 0000000000000014 RIP: 0010:f2fs_submit_page_write+0x6cf/0x780 [f2fs] Call Trace: <TASK> ? show_regs+0x6e/0x80 ? __die+0β¦
5.5
CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node()
In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_frβ¦
5.5
CVE-2024-26824 - crypto: algif_hash - Remove bogus SGL free on zero-length error path
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algif_hash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix thiβ¦
5.5
CVE-2024-26873 - scsi: hisi_sas: Fix a deadlock issue related to automatic dump
In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same time, a hung task may be found: [ 4613.6523β¦