CVE-2024-38622

CVE-2024-38622 concerns a Linux kernel issue in drm/msm/dpu where dpu_core_irq_callback_handler() checks a callback pointer for NULL but then unconditionally calls it. The vulnerability arises from calling a possibly NULL function pointer, which could lead to kernel behavior disruption. The fix a...

SUSE CVE-2024-38615

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the drm/msm/dpu module adding a check before calling a callback function pointer...

CLSA-2024-1718897210 glibc: Fix of 3 CVEs

CVE-2024-33600: nscd: avoid null pointer crashes after notfound response - CVE-2024-33601: fix memory allocation issue in netgroup cache by replacing xmalloc and xrealloc functions to prevent denial of service - CVE-2024-33602: fix memory corruption in netgroup cache by ensuring all strings are...

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

CVE-2022-48753 block: fix memory leak in disk_register_independent_access_ranges

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in diskregisterindependentaccessranges kobjectinitandadd takes reference even when it fails. According to the doc of kobjectinitandadd If this function returns an error, kobjectput must be called to properl...

CVE-2022-48721 net/smc: Forward wakeup to smc socket waitqueue after fallback

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may be some socket waitqueue entries remaining in smc socket-wq, such as eppollentries inserted by userspace...

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

CVE-2024-38615

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

DEBIAN-CVE-2024-38615

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

DEBIAN-CVE-2024-38611

In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using exit for the remove function results in the remove callback being discarded with CONFIGVIDEOET8EK8=y. When such a device gets unbound e.g. using sysfs o...

UBUNTU-CVE-2024-38611

In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using exit for the remove function results in the remove callback being discarded with CONFIGVIDEOET8EK8=y. When such a device gets unbound e.g. using sysfs o...

UBUNTU-CVE-2024-38615

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

CVE-2024-38615 cpufreq: exit() callback is optional

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

CVE-2024-38615 cpufreq: exit() callback is optional

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

CVE-2024-38615 cpufreq: exit() callback is optional

In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit callback is optional The exit callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freqtable pointer even if the exit callback isn't present...

CLSA-2024-1718794810 glibc: Fix of 3 CVEs

CVE-2024-33600: nscd: avoid null pointer crashes after notfound response - CVE-2024-33601: fix memory allocation issue in netgroup cache by replacing xmalloc and xrealloc functions to prevent denial of service - CVE-2024-33602: fix memory corruption in netgroup cache by ensuring all strings are...

PT-2024-9285 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's virtio component, where the driver incorrectly assumes that the notify callback is only received when the device is done with all the queued...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the use of exit as the delete function can cause the delete callback to be discarded, resulting in a resource leak when a device is...