4.7
CVE-2024-35913 - wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF When we want to know whether we should look for the mac_id or the link_id in struct iwl_mvm_session_prot_notif, we should look at the version of SESSION_PROTECTION_β¦
7.8
CVE-2024-35868 - smb: client: fix potential UAF in cifs_stats_proc_write()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
5.8
CVE-2024-35910 - tcp: properly terminate timers for kernel sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could tesβ¦
5.5
CVE-2024-35876 - kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-35904 - selinux: avoid dereference of garbage after mount failure
In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never rβ¦
5.5
CVE-2024-35931 - drm/amdgpu: Skip do PCI error slot reset during RAS recovery
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery Why: The PCI error slot reset maybe triggered after inject ue to UMC multi times, this caused system hang. [ 557.371857] amdgpu 0000:af:00.0: amdgpu: GPU rβ¦
5.5
CVE-2024-35890 - gro: fix ownership transfer
In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer If packets are GROed with fraglist they might be segmented later on and continue their journey in the stack. In skb_segment_list those skbs can be reused as-is. This is an issue as their destructor wasβ¦
5.5
CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption, as it could be caused only by two impossible conditions: - at first the search key is sβ¦
5.5
CVE-2024-35900 - netfilter: nf_tables: reject new basechain after table flag update
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table (existing and new). The following configuration alβ¦
7.1
CVE-2024-35939 - dma-direct: Leak pages on dma_set_decrypted() failure
In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shareβ¦