5.5
CVE-2024-26709 - powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach The function spapr_tce_platform_iommu_attach_dev() is missing to call iommu_group_put() when the domain is already set. This refcount leak shows up wiβ¦
7.8
CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len
In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_extents(), moved_len is only updated when all moves are successfully executed, and only discards orig_inode and donor_inode preallocations when moved_lenβ¦
5.5
CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() Syzbot reported a hang issue in migrate_pages_batch() called by mbind() and nilfs_lookup_dirty_data_buffers() called in the log writer of nilfs2. While migrate_pages_batch() β¦
5.5
CVE-2024-26695 - crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked The SEV platform device can be shutdown with a null psp_master, e.g., using DEBUG_TEST_DRIVER_REMOVE. Found using KASAN: [ 137.148210] ccp 0000:23:00β¦
5.5
CVE-2024-26775 - aoe: avoid potential deadlock at set_capacity
In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1 ---- β¦
5.5
CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential bug in end_buffer_async_write According to a syzbot report, end_buffer_async_write(), which handles the completion of block device writes, may detect abnormal condition of the buffer async_write flag and cauβ¦
5.5
CVE-2024-26773 - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid allocating blocks from a group with a corruβ¦
5.5
CVE-2023-52638 - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939_socks_lock - active_session_list_lock - skβ¦
7.8
CVE-2024-26748 - usb: cdns3: fix memory double free when handle zero packet
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix memory double free when handle zero packet 829 if (request->complete) { 830 spin_unlock(&priv_dev->lock); 831 usb_gadget_giveback_request(&priv_ep->endpoint, 832 β¦
5.5
CVE-2024-26757 - md: Don't ignore read-only array in md_check_recovery()
In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in md_check_recovery() Usually if the array is not read-write, md_check_recovery() won't register new sync_thread in the first place. And if the array is read-write and sync_thread is registered, β¦