5.5
CVE-2024-56584 - io_uring/tctx: work around xa_store() allocation error issue
In the Linux kernel, the following vulnerability has been resolved: io_uring/tctx: work around xa_store() allocation error issue syzbot triggered the following WARN_ON: WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51 which is the WARN_ON_ONCE(!xa_empβ¦
5.5
CVE-2024-56533 - ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses snd_card_free() at disconnection, but this waits for the cloβ¦
7.5
CVE-2024-56522 -
An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.
5.5
CVE-2024-53229 - RDMA/rxe: Fix the qp flush warnings in req
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the qp flush warnings in req When the qp is in error state, the status of WQEs in the queue should be set to error. Or else the following will appear. [ 920.617269] WARNING: CPU: 1 PID: 21 at drivers/infiniband/swβ¦
4.4
CVE-2024-56571 - kernel: media: uvcvideo: Require entities to have a non-zero unique ID
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-53223 - clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs
In the Linux kernel, the following vulnerability has been resolved: clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs Base clocks are the first in being probed and are real dependencies of the rest of fixed, factor and peripheral clocks. For old ralink SoCs RT2880, RT305x and RT38β¦
5.5
CVE-2024-53222 - zram: fix NULL pointer in comp_algorithm_show()
In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show() LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ #3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.β¦
7.5
CVE-2024-56527 -
An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.
5.5
CVE-2024-53210 - s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decrement skb refcount at exit. This results in skbβ¦
7.8
CVE-2024-56609 - wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb When removing kernel modules by: rmmod rtw88_8723cs rtw88_8703b rtw88_8723x rtw88_sdio rtw88_core Driver uses skb_queue_purge() to purge TX skb, but not report tx stβ¦