6.1
CVE-2024-35899 - netfilter: nf_tables: flush pending destroy work before exit_net release
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release Similar to 2c9f0293280e ("netfilter: nf_tables: flush pending destroy work before netlink notifier") to address a race between exit_net and the destroy workβ¦
5.5
CVE-2024-35898 - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_get() within nf_tables_newflowtable(). And thhβ¦
7.1
CVE-2024-35896 - netfilter: validate user input for expected length
In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs exposed by BPF after commit 20f2505fb436 ("bpf: Try to avoid kzalloc in cgroup/{s,g}etsockopt") setsockopt() @optlen argument shouβ¦
5.5
CVE-2024-35889 - idpf: fix kernel panic on unknown packet types
In the Linux kernel, the following vulnerability has been resolved: idpf: fix kernel panic on unknown packet types In the very rare case where a packet type is unknown to the driver, idpf_rx_process_skb_fields would return early without calling eth_type_trans to set the skb protocol / the networkβ¦
5.5
CVE-2024-35918 - kernel: randomize_kstack: Improve entropy diffusion
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-35928 - kernel: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-35947 - dyndbg: fix old BUG_ON in >control parser
In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser Fix a BUG_ON from 2009. Even if it looks "unreachable" (I didn't really look), lets make sure by removing it, doing pr_err and return -EINVAL instead.
5.5
CVE-2024-35860 - bpf: support deferring bpf_link dealloc to after RCU grace period
In the Linux kernel, the following vulnerability has been resolved: bpf: support deferring bpf_link dealloc to after RCU grace period BPF link for some program types is passed as a "context" which can be used by those BPF programs to look up additional information. E.g., for multi-kprobes and mulβ¦
4.4
CVE-2024-35870 - smb: client: fix UAF in smb2_reconnect_server()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses(). This can happen when (β¦
5.5
CVE-2024-35881 - kernel: Revert "drm/amd/display: Send DTBCLK disable message on first commit"
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.