5.5
CVE-2024-35882 - SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP Jan Schunk reports that his small NFS servers suffer from memory exhaustion after just a few days. A bisect shows that commit e18e157bb5c8 ("SUNRPC: Send RPC message onβ¦
5.5
CVE-2024-35880 - io_uring/kbuf: hold io_buffer_list reference over mmap
In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: hold io_buffer_list reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the io_uring lock. Rely on the fβ¦
5.5
CVE-2024-35874 - aio: Fix null ptr deref in aio_complete() wakeup
In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aio_complete() wakeup list_del_init_careful() needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finish_wait() would see the empty list head and skip takinβ¦
5.5
CVE-2024-35872 - mm/secretmem: fix GUP-fast succeeding on secretmem folios
In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios folio_is_secretmem() currently relies on secretmem folios being LRU folios, to save some cycles. However, folios might reside in a folio batch without the LRU flag set, oβ¦
7.8
CVE-2024-35863 - smb: client: fix potential UAF in is_valid_oplock_break()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
5.5
CVE-2024-35891 - net: phy: micrel: Fix potential null pointer dereference
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference In lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may return NULL as ptp_header due to abnormal packet type or corrupted packet. Fix this bug by adding ptβ¦
5.5
CVE-2024-35885 - mlxbf_gige: stop interface during shutdown
In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: stop interface during shutdown The mlxbf_gige driver intermittantly encounters a NULL pointer exception while the system is shutting down via "reboot" command. The mlxbf_driver will experience an exception right afterβ¦
5.5
CVE-2024-35875 - x86/coco: Require seeding RNG with RDRAND on CoCo systems
In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted aβ¦
7.8
CVE-2024-35862 - smb: client: fix potential UAF in smb2_is_network_name_deleted()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
3.3
CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref()
In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel addresses.