CVE-2024-56772 kunit: string-stream: Fix a UAF bug in kunit_init_suite()

In the Linux kernel, the following vulnerability has been resolved: kunit: string-stream: Fix a UAF bug in kunitinitsuite In kunitdebugfscreatesuite, if allocstringstream fails in the kunitsuiteforeachtestcase loop, the "suite-log = stream" has assigned before, and the error path only free the...

CVE-2024-56581

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

CVE-2024-56762

CVE-2024-56762 is rejected/not used; this entry does not represent an active vulnerability.

SUSE CVE-2024-56661

In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was NULL when attempting the atomicdec : atomicdec&tipcnetsocknetub-ubsock-sk-wqcount; Fix this by caching the tipcnet pointer. 1 Oops:...

PT-2026-5508

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the J1939 protocol. Specifically, the j1939 session activate function may succeed even after the network device has been unregistered via j19...

PT-2026-8105

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc1-00001-g09db0998649d Description The Linux kernel contains an issue in the mmc subsystem, specifically within the sdhci-of-dwcmshc driver. When operating in HS200 or HS400 timing modes, reducing the clo...

PT-2026-2865

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the KVM hypervisor and its handling of the periodic HV timer. Specifically, when resuming a virtual machine after a prolonged period of...

CVE-2024-56692

CVE-2024-56692 involves a Linux kernel bug in the f2fs filesystem where an on-disk nat entry blkaddr may be corrupted, triggering a kernel panic in f2fs_invalidate_blocks during truncate_node. The root cause is a lacking sanity check on nat blkaddr, which can be exploited indirectly by fuzzed ima...

SUSE CVE-2024-53202

In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix possible resource leak in fwlogfirmwareinfo The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with cryptofreeshash...

DEBIAN-CVE-2024-56651

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110canist: fix potential use-after-free The commit a22bd630cfff "can: hi311x: do not report txerr and rxerr during bus-off" removed the reporting of rxerr and txerr even in case of correct operation i. e. not...

CVE-2024-56598 jfs: array-index-out-of-bounds fix in dtReadFirst

In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case...

CVE-2024-56590 Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix not checking skb length on hciacldatapacket This fixes not checking if skb really contains an ACL header otherwise the code may attempt to access some uninitilized/invalid memory past the valid skb-data...

CVE-2024-56565

Technical details about CVE-2024-56565 are not provided in the supplied documents. Monitor for updates.

CVE-2024-56558 nfsd: make sure exp active before svc_export_show

In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svcexportshow The function eshow was called with protection from RCU. This only ensures that exp will not be freed. Therefore, the reference count for exp can drop to zero, which will trigger a...

CVE-2024-56550 s390/stacktrace: Use break instead of return statement

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement archstackwalkusercommon contains a return statement instead of a break statement in case storeip fails while trying to store a callchain entry of a user space process. This m...

CVE-2024-56549 cachefiles: Fix NULL pointer dereference in object->file

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file At present, the object-file has the NULL pointer dereference problem in ondemand-mode. The root cause is that the allocated fd and object-file lifetime are inconsistent, and...

CVE-2024-56548 hfsplus: don't query the device logical block size multiple times

In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOPSETBLOCKSIZE. While this may cause other issues like IO being rejected, in t...

CVE-2024-56541 wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12kdpcccleanup During ath12k module removal, in ath12kcoredeinit, ath12kmacdestroy un-registers ah-hw from mac80211 and frees the ah-hw as well as all the ar's in it. After this...

CVE-2024-53206 tcp: Fix use-after-free of nreq in reqsk_timer_handler().

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix use-after-free of nreq in reqsktimerhandler. The cited commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Then, oreq should be passed to reqskput instead of req;...

CVE-2024-53173 NFSv4.0: Fix a use-after-free problem in the asynchronous open()

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid in...