7.8
CVE-2024-50029 - Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following trace: BUG: KASAN: slβ¦
5.5
CVE-2024-47706 - block, bfq: fix possible UAF for bfqq->bic with merge chain
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Ξ | Ξ | Ξ | | | | | β¦
9.1
CVE-2024-47685 - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_put_zero() to clear the whole TCP header, asβ¦
5.5
CVE-2024-49878 - resource: fix region_intersects() vs add_memory_driver_managed()
In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 4900000β¦
5.5
CVE-2024-47744 - KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock
In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock Use a dedicated mutex to guard kvm_usage_count to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below locβ¦
5.5
CVE-2024-47709 - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change fixed another warning that is triggered when connect() is issued again for a socket whose connect()edβ¦
5.5
CVE-2024-47703 - bpf, lsm: Add check for BPF LSM return value
In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes kernel panic. This happens because file system can not filter out the positive number returned by theβ¦
6.5
CVE-2024-47693 - IB/core: Fix ib_cache_setup_one error flow cleanup
In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix ib_cache_setup_one error flow cleanup When ib_cache_update return an error, we exit ib_cache_setup_one instantly with no proper cleanup, even though before this we had already successfully done gid_table_setup_one, tβ¦
7.8
CVE-2024-47697 - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and clear_bit functions shβ¦
0.0
CVE-2024-47722 - kernel: xen: use correct end address of kernel for conflict checking
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.