5.5
CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. Thus, lpfc_worker_wake_up() should not be called while holding the hbalock to avβ¦
5.5
CVE-2024-36922 - wifi: iwlwifi: read txq->read_ptr under lock
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock If we read txq->read_ptr without lock, we can read the same value twice, then obtain the lock, and reclaim from there to two different places, but crucially reclaim the same entry twicβ¦
5.5
CVE-2024-36900 - net: hns3: fix kernel crash when devlink reload during initialization
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during initialization The devlink reload process will access the hardware resources, but the register operation is done before the hardware is initialized. So, processing the devlinβ¦
4.4
CVE-2024-36885 - kernel: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-36958 - NFSD: Fix nfsd4_encode_fattr4() crasher
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix nfsd4_encode_fattr4() crasher Ensure that args.acl is initialized early. It is used in an unconditional call to kfree() on the way out of nfsd4_encode_fattr4().
4.4
CVE-2024-36953 - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_getβ¦
5.5
CVE-2024-36017 - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct iflβ¦
5.5
CVE-2024-36959 - pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we caβ¦
5.5
CVE-2024-36917 - block: fix overflow in blk_ioctl_discard()
In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x800000β¦
5.5
CVE-2024-36902 - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked. β¦