5.5
CVE-2024-56577 - media: mtk-jpeg: Fix null-ptr-deref during unload module
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit 09aea13ecf6f ("media: mtk-jpeg: refactor some variables"), otherwise the below calltrace can be easily triβ¦
5.5
CVE-2024-53230 - cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost()
In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() cpufreq_cpu_get_raw() may return NULL if the cpu is not in policy->cpus cpu mask and it will cause null pointer dereference, so check NULL for cppc_get_cpu_cost().
9.8
CVE-2024-50713 -
SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php.
7.8
CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action
In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we β¦
7.8
CVE-2024-56582 - btrfs: fix use-after-free in btrfs_encoded_read_endio()
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN: slab-usβ¦
7.8
CVE-2024-53216 - nfsd: release svc_expkey/svc_export with rcu_work
In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for `cache_head` can be reduced to zero in `c_show` and `e_show`(using `rcu_read_lock` and `rcu_read_unlock`). Consequently, `svc_export_put` and `expkey_put` wβ¦
7.8
CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() sock_init_data() attaches the allocated sk object to the provided sock object. If ieee802154_create() fails later, the allocated sk object is freed, but tβ¦
5.5
CVE-2024-56567 - ad7780: fix division by zero in ad7780_write_raw()
In the Linux kernel, the following vulnerability has been resolved: ad7780: fix division by zero in ad7780_write_raw() In the ad7780_write_raw() , val2 can be zero, which might lead to a division by zero error in DIV_ROUND_CLOSEST(). The ad7780_write_raw() is based on iio_info's write_raw. While β¦
5.5
CVE-2024-56563 - ceph: fix cred leak in ceph_mds_check_access()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix cred leak in ceph_mds_check_access() get_current_cred() increments the reference counter, but the put_cred() call was missing.
5.5
CVE-2024-53199 - ASoC: imx-audmix: Add NULL check in imx_audmix_probe
In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-audmix: Add NULL check in imx_audmix_probe devm_kasprintf() can return a NULL pointer on failure,but this returned value in imx_audmix_probe() is not checked. Add NULL check in imx_audmix_probe(), to handle kernel NULL β¦