CVE-2024-49954 static_call: Replace pointless WARN_ON() in static_call_module_notify()

In the Linux kernel, the following vulnerability has been resolved: staticcall: Replace pointless WARNON in staticcallmodulenotify staticcallmodulenotify triggers a WARNON, when memory allocation fails in staticcalladdmodule. That's not really justified, because the failure case must be correctly...

CVE-2024-40958

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

CVE-2024-40958

CVE-2024-40958 relates to the Linux kernel: get_net_ns() may perform a refcount increment on a net namespace with zero refcount, triggering a use-after-free warning and potential kernel panic. The root cause is an addition on 0 refcount via get_net_ns(), surfaced during operations like netns swit...

CVE-2024-40958 netns: Make get_net_ns() handle zero refcount net

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

CVE-2024-36975

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...

CVE-2024-36975

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...

CVE-2024-36975 KEYS: trusted: Do not use WARN when encode fails

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...

CVE-2024-36975

CVE-2024-36975 is a Linux kernel issue: when asn1_encode_sequence() fails, using WARN is inappropriate. The function is located in lib/asn1_encode.c and is not an internal helper, which makes the stack trace less useful. On certain paths, this can crash the kernel if panic_on_warn is set. The rec...

CVE-2024-36028

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio When I did memory failure tests recently, below warning occurs: DEBUGLOCKSWARNON1 WARNING: CPU: 8 PID: 1011 at kernel/locking/lockdep.c:232 lockacquire+0xccb/0x1ca0...

CVE-2023-52604

A flaw was found in the jfs module in the Linux kernel. An out-of-bounds read vulnerability can be triggered due to a missing input validation before updating the leaf of a tree with a new value, resulting in a denial of service...