CVE-2024-53122

CVE-2024-53122 affects the Linux kernel in mptcp: racing subflow creation in mptcp_rcv_space_adjust can trigger a race when handling spooled data on a subflow, potentially causing a divide-by-zero during tcp_cleanup_rbuf() on newly created subflows. The fix adds a state check to ensure the subflo...

CVE-2024-42065

CVE-2024-42065 relates to the Linux kernel DRM/XE path. A NULL pointer dereference vulnerability in xe_ttm_stolen_mgr_init was fixed by adding an explicit NULL check to ensure the mgr is not NULL before use. The patch updates the function to validate the mgr reference and prevents dereferencing a...

CVE-2024-42065 drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add a NULL check in xettmstolenmgrinit Add an explicit check to ensure that the mgr is not NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of an explicit check in xettmstolenmgrinit to ensure that the mgr is not null...

Potential Out-of-Bounds Error When Modifying Ranges

Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...

Reactivated gauges have incorrect accounting for the last cycle’s rewards

Lines of code Vulnerability details Impact reactivated gauges that previously had queued up rewards have a mismatch between their storedCycle and contract’s gaugeCycle state variable. Due to this mismatch, there is also a resulting issue with the accounting logic for its completed rewards: Proof ...