5.5
CVE-2024-46803 - drm/amdkfd: Check debug trap enable before write dbg_ev_file
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbg_ev_file In interrupt context, write dbg_ev_file will be run by work queue. It will cause write dbg_ev_file execution after debug_trap_disable, which will cause NULL pointer accβ¦
5.5
CVE-2024-46864 - x86/hyperv: fix kexec crash due to VP assist page corruption
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline") introduces a new cpuhp state for hyperv initialization. cpuhp_setup_β¦
7.8
CVE-2024-46813 - drm/amd/display: Check link_index before accessing dc->links[]
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is return when trying to access with out-of-bound index. This fixes 3 OVERRUN and 1 RESOURCE_LEAK issues rβ¦
5.5
CVE-2024-46860 - wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change When disabling wifi mt7921_ipv6_addr_change() is called as a notifier. At this point mvif->phy is already NULL so we cannot use it here.
7.3
CVE-2024-40509 -
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMFinDev.asmx function.
5.5
CVE-2024-46839 - kernel: workqueue: Improve scalability of workqueue watchdog touch
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-46838 - userfaultfd: don't BUG_ON() if khugepaged yanks our page table
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: don't BUG_ON() if khugepaged yanks our page table Since khugepaged was changed to allow retracting page tables in file mappings without holding the mmap lock, these BUG_ON()s are wrong - get rid of them. We could alβ¦
5.5
CVE-2024-46840 - btrfs: clean up our handling of refs == 0 in snapshot delete
In the Linux kernel, the following vulnerability has been resolved: btrfs: clean up our handling of refs == 0 in snapshot delete In reada we BUG_ON(refs == 0), which could be unkind since we aren't holding a lock on the extent leaf and thus could get a transient incorrect answer. In walk_down_prβ¦
5.5
CVE-2024-46834 - ethtool: fail closed if we can't get max channel used in indirection tables
In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing ring count with active RSS contexts") proves that allowing indirection table to contain channels wiβ¦
5.5
CVE-2024-46810 - drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Make sure the connector is fully initialized before signalling any HPD events via drm_kms_helper_hotplug_event(), otherwise this may lead to NULβ¦