CVE-2024-26868

A vulnerability was found in the fflayoutcancelio function in the Linux kernel. Improper error checking with the mirrords structure fails to check if it is NULL, leading to a potential NULL pointer dereference. This issue could lead to crashes. Mitigation Mitigation for this issue is either not...

CVE-2024-26867

In the Linux kernel, the following vulnerability has been resolved: comedi: comedi8255: Correct error in subdevice initialization The refactoring done in commit 5c57b1ccecc7 "comedi: comedi8255: Rework subdevice initialization functions" to the initialization of the io field of struct...

CVE-2024-26868 nfs: fix panic when nfs4_ff_layout_prepare_ds() fails

In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when nfs4fflayoutprepareds fails We've been seeing the following panic in production BUG: kernel NULL pointer dereference, address: 0000000000000065 PGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0 RIP:...

CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

CVE-2024-26855 net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in icebridgesetlink The function icebridgesetlink may encounter a NULL pointer dereference if nlmsgfindattr returns NULL and brspec is dereferenced subsequently in nlaforeachnested...

CVE-2024-26784 pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: Fix NULL dereference on scmiperfdomain removal On unloading of the scmiperfdomain module got the below splat, when in the DT provided to the system under test the 'power-domain-cells' property was missing. Indeed,...

CVE-2024-26700

CV E-2024-26700 is a Linux kernel issue: drm/amd/display had a fix to prevent MST null-pointer dereference on RV platforms. The crash trace shows a NULL pointer dereference in drm_dp_atomic_find_time_slots during DP MST time-slot calculation, leading to a kernel oops. Affected code path involves ...

CVE-2024-26700 drm/amd/display: Fix MST Null Ptr for RV

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm:...

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2024-26615

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2023-52489

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

PT-2024-4107

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc6+ Description The vulnerability is related to the SUNRPC module in the Linux kernel, specifically with the TCP TLS functionality. A missing rpc stat for TCP TLS can cause a kernel NULL pointer dereferenc...

CVE-2023-52523

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject skmsg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an skmsg program user can steer messages sent from one TCP socket s1 to actually egress from another TCP socket s2: tcpbpfsendmsgs1 //...

CVE-2023-52568 x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race The SGX EPC reclaimer ksgxd may reclaim the SECS EPC page for an enclave and set secs.epcpage to NULL. The SECS page is used for EAUG and ELDU in the SGX page fault...

CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2023-52489 mm/sparsemem: fix race in accessing memory_section->usage

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

CVE-2023-52477

In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev-bos without checking if it was allocated and initialized. If...

CVE-2024-26591

CVE-2024-26591: Linux kernel vulnerability in bpf_tracing_prog_attach can crash with NULL pointer dereference due to missing attach_btf when attaching tracing programs (rawtp/fentry chain). The issue arises in a sequence of loading a rawtp program, loading an fentry with rawtp as target, creating...