CVE-2024-24859

A race condition was found in the Linux kernel's net/bluetooth in sniffmin,maxintervalset function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service...

kernel: HV: hv_balloon: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

kernel: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...

kernel: drm/i915/gvt: fix vgpu debugfs clean in remove

A NULL pointer dereference was found in the Linux kernel Intel i915 graphics driver's virtual GPU debugfs cleanup handling. A local user with privileges to unbind the i915 driver can trigger driver removal on systems with active virtual GPU instances, causing the cleanup path to attempt removing...

kernel: USB: ULPI: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

kernel: drivers: base: component: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: drivers: base: component: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call...

kernel: drivers: base: dd: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: drivers: base: dd: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

kernel: Linux kernel: Integer overflow in iwlwifi debugfs function

A flaw was identified in the Linux kernel’s iwlwifi PCIe driver. In the function iwlwritetouserbuf—which is invoked by iwldbgfsmonitordataread—an attacker could supply a specially crafted count value e.g., SIZEMAX. This leads to an integer overflow when calculating the remaining buffer space,...

kernel: drm/i915: Fix request ref counting during error capture & debugfs dump

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based search manages the...

kernel: USB: uhci: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: USB: uhci: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

kernel: Kernel: NULL pointer dereference in Intel GVT-g debugfs during device removal

A flaw was found in the Linux kernel's Intel GVT-g Graphics Virtualization Technology debugfs component. When a device is removed through unbinding, the intelgvtdebugfsclean function may attempt to access a debugfs root that has already been deallocated, leading to a NULL pointer dereference. A...

kernel: drm/i915: Fix request ref counting during error capture & debugfs dump

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based search manages the...

kernel: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()

A memory leak was found in the AMD PMC driver's STB debugfs interface. When amdpmcsendcmd fails, the allocated buffer is not freed, causing memory to leak on each failed operation...

kernel: scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...

kernel: drivers: base: component: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: drivers: base: component: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call...

kernel: drivers: base: dd: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: drivers: base: dd: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

kernel: USB: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: USB: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead which...

kernel: Linux kernel: Integer overflow in iwlwifi debugfs function

A flaw was identified in the Linux kernel’s iwlwifi PCIe driver. In the function iwlwritetouserbuf—which is invoked by iwldbgfsmonitordataread—an attacker could supply a specially crafted count value e.g., SIZEMAX. This leads to an integer overflow when calculating the remaining buffer space,...

kernel: wifi: iwlwifi: fw: fix memory leak in debugfs

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fw: fix memory leak in debugfs Fix a memory leak that occurs when reading the fwinfo file all the way, since we return NULL indicating no more data, but don't free the status tracking object...

kernel: Kernel: NULL pointer dereference in Intel GVT-g debugfs during device removal

A flaw was found in the Linux kernel's Intel GVT-g Graphics Virtualization Technology debugfs component. When a device is removed through unbinding, the intelgvtdebugfsclean function may attempt to access a debugfs root that has already been deallocated, leading to a NULL pointer dereference. A...