5.5
CVE-2024-43913 - nvme: apple: fix device reference counting
In the Linux kernel, the following vulnerability has been resolved: nvme: apple: fix device reference counting Drivers must call nvme_uninit_ctrl after a successful nvme_init_ctrl. Split the allocation side out to make the error handling boundary easier to navigate. The apple driver had been doinβ¦
5.5
CVE-2024-43911 - wifi: mac80211: fix NULL dereference at band check in starting tx ba session
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated. They don't point to vif->bss_conf. So, there will be no chanreq assigned to vif->bss_cβ¦
5.5
CVE-2024-43897 - net: drop bad gso csum_start and offset in virtio_net_hdr
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_NET_HDR_F_NEEDS_CSUMβ¦
5.5
CVE-2024-43896 - ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL
In the Linux kernel, the following vulnerability has been resolved: ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL Call efi_rt_services_supported() to check that efi.get_variable exists before calling it.
4.7
CVE-2024-43887 - net/tcp: Disable TCP-AO static key after RCU grace period
In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO static_key is the same as the last tcp_ao_info. On the socket destruction tcp_ao_info ceases to be with RCU grace period, while tcp-ao static branchβ¦
8
CVE-2024-44565 -
Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.
8
CVE-2024-44563 -
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
6.6
CVE-2024-44552 -
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
5.5
CVE-2024-43901 - drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: [ +0.000003] BUG: kernel NULL pointβ¦
0.0
CVE-2024-43898 - kernel: ext4: sanity check for NULL pointer after ext4_force_shutdown
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.