9.6
CVE-2024-40086 -
A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_PWD function of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote, unauthenticated attackers to execute arbitrary code via a password field larger than 64 bytes in length.
5.5
CVE-2024-47746 - fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set
In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in `fuse_file_cached_io_open` may be forever.
5.5
CVE-2024-47705 - block: fix potential invalid pointer dereference in blk_add_partition
In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle tβ¦
0.0
CVE-2022-48993 - kernel: fbcon: Use kzalloc() in fbcon_prepare_logo()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-49897 - drm/amd/display: Check phantom_stream before it is used
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity.
5.5
CVE-2024-49879 - drm: omapdrm: Add missing check for alloc_ordered_workqueue
In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue.
5.5
CVE-2024-50019 - kthread: unpark only parked kthread
In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASK_PARKED state. Howevβ¦
5.5
CVE-2024-47702 - bpf: Fail verification for sign-extension of packet data/data_end/data_meta
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due to commit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses"). The reason is due to sign-extension of 32β¦
7.8
CVE-2022-48980 - net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries (SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110 (SJA1110_MAX_L2_POLICING_COUNT). Keeping the tablβ¦
5.5
CVE-2024-50031 - drm/v3d: Stop the active perfmon before being destroyed
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to handle kernel paging β¦