5.5
CVE-2024-35808 - md/dm-raid: don't call md_reap_sync_thread() directly
In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call md_reap_sync_thread() directly Currently md_reap_sync_thread() is called from raid_message() directly without holding 'reconfig_mutex', this is definitely unsafe because md_reap_sync_thread() can change manβ¦
5.5
CVE-2024-27420 - kernel: netrom: Fix a data-race around sysctl_netrom_link_fails_count
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-35839 - netfilter: bridge: replace physindev with physinif in nf_bridge_info
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info An skb can be added to a neigh->arp_queue while waiting for an arp reply. Where original skb's skb->dev can be different to neigh's neigh->dev. For instance in β¦
7.1
CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfs_ioctl_logical_to_ino() Syzbot reported the following information leak for in btrfs_ioctl_logical_to_ino(): BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.β¦
5.5
CVE-2024-35822 - usb: udc: remove warning when queue disabled ep
In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled ep It is possible trigger below warning message from mass storage function, WARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104 pc : usb_ep_queue+0xβ¦
7.8
CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. However, when the controβ¦
5.5
CVE-2023-52686 - powerpc/powernv: Add a null pointer check in opal_event_init()
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
5.5
CVE-2024-35807 - ext4: fix corruption during on-line resize
In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned off by default by β¦
5.5
CVE-2024-27410 - wifi: nl80211: reject iftype change with mesh ID change
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an overwrite of data iβ¦
5.5
CVE-2024-27424 - kernel: netrom: Fix a data-race around sysctl_netrom_transport_busy_delay
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.