5.5
CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug. memcpy: detected field-spanning write (size 56) of single field "&dg_info->msg" at drivers/misc/vmw_vmci/vmci_datagβ¦
7.8
CVE-2024-35867 - smb: client: fix potential UAF in cifs_stats_proc_show()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
5.5
CVE-2024-35946 - wifi: rtw89: fix null pointer access when abort scan
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif.
7.8
CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done().
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported infinite recursive calls of fib6_dump_done() during netlink socket destruction. [1] From the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then tβ¦
7.1
CVE-2024-35871 - riscv: process: Fix kernel gp leakage
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs->gp is never used since the kernel gp is not touched by switch_to. For aβ¦
7.8
CVE-2024-35932 - drm/vc4: don't check if plane->state->fb == state->fb
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when using non-blocking commits, we can see the following kernel warning: [ 110.908514] ------------[ cut here ]------------ [ 110.908529] refcount_t: underflow;β¦
5.5
CVE-2024-35945 - net: phy: phy_device: Prevent nullptr exceptions on ISR
In the Linux kernel, the following vulnerability has been resolved: net: phy: phy_device: Prevent nullptr exceptions on ISR If phydev->irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to prevent nullptr exceptions in interrupt service routine.
7.8
CVE-2024-35894 - mptcp: prevent BPF accessing lowat from a subflow socket.
In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at net/mptcp/subflow.c:1430 subflow_data_ready+0x147/0x1c0 Modules linked in: dummy bpf_testmod(O) [lastβ¦
7.8
CVE-2024-35866 - smb: client: fix potential UAF in cifs_dump_full_key()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
5.5
CVE-2024-35923 - kernel: io_uring: clear opcode specific data for an early failure
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.