csaf_certbund - wid-sec-w-2024-1431

wid-sec-w-2024-1431

Vulnerability from csaf_certbund

Published

2024-06-23 22:00

Modified

2024-07-24 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1431 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1431.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1431 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1431"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062131-CVE-2023-52884-5b0d@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062134-CVE-2024-31076-786e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062136-CVE-2024-36489-7213@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062137-CVE-2024-37353-71d4@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062137-CVE-2024-37356-cc7b@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062137-CVE-2024-38381-07fb@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062137-CVE-2024-38388-fb75@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062138-CVE-2024-38390-395e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062138-CVE-2024-38391-c792@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Linux CVE Announcement vom 2024-06-23",
        "url": "https://lore.kernel.org/linux-cve-announce/2024062138-CVE-2024-38621-d52e@gregkh/T/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5730 vom 2024-07-16",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00141.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4831 vom 2024-07-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:4831"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4823 vom 2024-07-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:4823"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2024-07-24T22:00:00.000+00:00",
      "generator": {
        "date": "2024-07-25T08:32:58.573+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-1431",
      "initial_release_date": "2024-06-23T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-23T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-10T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-18T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-22T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "8"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.10-rc1",
                "product": {
                  "name": "Open Source Linux Kernel \u003c6.10-rc1",
                  "product_id": "T035616",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:6.10-rc1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-52884",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2023-52884"
    },
    {
      "cve": "CVE-2024-31076",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-31076"
    },
    {
      "cve": "CVE-2024-36489",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-36489"
    },
    {
      "cve": "CVE-2024-37353",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-37353"
    },
    {
      "cve": "CVE-2024-37356",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-37356"
    },
    {
      "cve": "CVE-2024-38381",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-38381"
    },
    {
      "cve": "CVE-2024-38388",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-38388"
    },
    {
      "cve": "CVE-2024-38390",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-38390"
    },
    {
      "cve": "CVE-2024-38391",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-38391"
    },
    {
      "cve": "CVE-2024-38621",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie z.B. cyapa, virtio oder nfc/nci u.a. aufgrund mehrerer sicherheitsrelevanter Probleme wie z.B. einer NULL- Pointer-Dereferenz, einem Out-of-Bound Write oder einem Vektorleck und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder einen unspezifischen Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "67646"
        ]
      },
      "release_date": "2024-06-23T22:00:00Z",
      "title": "CVE-2024-38621"
    }
  ]
}

cve-2024-38388

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 04:04

Severity

Summary

ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup

References

URL	Tags
https://git.kernel.org/stable/c/191dc1b2ff0fb35e7aff15a53224837637df8bff
https://git.kernel.org/stable/c/6e359be4975006ff72818e79dad8fe48293f2eb2
https://git.kernel.org/stable/c/3291486af5636540980ea55bae985f3eaa5b0740
https://git.kernel.org/stable/c/172811e3a557d8681a5e2d0f871dc04a2d17eb13

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T15:21:00.338175Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T15:21:07.685Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:04:25.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/191dc1b2ff0fb35e7aff15a53224837637df8bff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e359be4975006ff72818e79dad8fe48293f2eb2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3291486af5636540980ea55bae985f3eaa5b0740"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/172811e3a557d8681a5e2d0f871dc04a2d17eb13"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/hda/hda_cs_dsp_ctl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "191dc1b2ff0f",
              "status": "affected",
              "version": "3233b978af23",
              "versionType": "git"
            },
            {
              "lessThan": "6e359be49750",
              "status": "affected",
              "version": "3233b978af23",
              "versionType": "git"
            },
            {
              "lessThan": "3291486af563",
              "status": "affected",
              "version": "3233b978af23",
              "versionType": "git"
            },
            {
              "lessThan": "172811e3a557",
              "status": "affected",
              "version": "3233b978af23",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "sound/pci/hda/hda_cs_dsp_ctl.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs_dsp_ctl: Use private_free for control cleanup\n\nUse the control private_free callback to free the associated data\nblock. This ensures that the memory won\u0027t leak, whatever way the\ncontrol gets destroyed.\n\nThe original implementation didn\u0027t actually remove the ALSA\ncontrols in hda_cs_dsp_control_remove(). It only freed the internal\ntracking structure. This meant it was possible to remove/unload the\namp driver while leaving its ALSA controls still present in the\nsoundcard. Obviously attempting to access them could cause segfaults\nor at least dereferencing stale pointers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:47:36.307Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/191dc1b2ff0fb35e7aff15a53224837637df8bff"
        },
        {
          "url": "https://git.kernel.org/stable/c/6e359be4975006ff72818e79dad8fe48293f2eb2"
        },
        {
          "url": "https://git.kernel.org/stable/c/3291486af5636540980ea55bae985f3eaa5b0740"
        },
        {
          "url": "https://git.kernel.org/stable/c/172811e3a557d8681a5e2d0f871dc04a2d17eb13"
        }
      ],
      "title": "ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38388",
    "datePublished": "2024-06-21T10:18:12.995Z",
    "dateReserved": "2024-06-21T10:12:11.500Z",
    "dateUpdated": "2024-08-02T04:04:25.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38391

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-07-02T19:16:26.621Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38391",
    "datePublished": "2024-06-21T10:18:14.299Z",
    "dateRejected": "2024-07-02T19:16:26.621Z",
    "dateReserved": "2024-06-21T10:13:16.293Z",
    "dateUpdated": "2024-07-02T19:16:26.621Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37356

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 03:50

Severity

Summary

tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

References

URL	Tags
https://git.kernel.org/stable/c/06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6
https://git.kernel.org/stable/c/6aacaa80d962f4916ccf90e2080306cec6c90fcf
https://git.kernel.org/stable/c/e9b2f60636d18dfd0dd4965b3316f88dfd6a2b31
https://git.kernel.org/stable/c/8602150286a2a860a1dc55cbd04f99316f19b40a
https://git.kernel.org/stable/c/e65d13ec00a738fa7661925fd5929ab3c765d4be
https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c
https://git.kernel.org/stable/c/237340dee373b97833a491d2e99fcf1d4a9adafd
https://git.kernel.org/stable/c/3ebc46ca8675de6378e3f8f40768e180bb8afa66

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37356",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T13:56:45.436880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T13:57:55.391Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:50:55.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6aacaa80d962f4916ccf90e2080306cec6c90fcf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9b2f60636d18dfd0dd4965b3316f88dfd6a2b31"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8602150286a2a860a1dc55cbd04f99316f19b40a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e65d13ec00a738fa7661925fd5929ab3c765d4be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/237340dee373b97833a491d2e99fcf1d4a9adafd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ebc46ca8675de6378e3f8f40768e180bb8afa66"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_dctcp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "06d0fe049b51",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "6aacaa80d962",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "e9b2f60636d1",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "8602150286a2",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "e65d13ec00a7",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "02261d3f9dc7",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "237340dee373",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            },
            {
              "lessThan": "3ebc46ca8675",
              "status": "affected",
              "version": "e3118e8359bb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/tcp_dctcp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.18"
            },
            {
              "lessThan": "3.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix shift-out-of-bounds in dctcp_update_alpha().\n\nIn dctcp_update_alpha(), we use a module parameter dctcp_shift_g\nas follows:\n\n  alpha -= min_not_zero(alpha, alpha \u003e\u003e dctcp_shift_g);\n  ...\n  delivered_ce \u003c\u003c= (10 - dctcp_shift_g);\n\nIt seems syzkaller started fuzzing module parameters and triggered\nshift-out-of-bounds [0] by setting 100 to dctcp_shift_g:\n\n  memcpy((void*)0x20000080,\n         \"/sys/module/tcp_dctcp/parameters/dctcp_shift_g\\000\", 47);\n  res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x20000080ul,\n                /*flags=*/2ul, /*mode=*/0ul);\n  memcpy((void*)0x20000000, \"100\\000\", 4);\n  syscall(__NR_write, /*fd=*/r[0], /*val=*/0x20000000ul, /*len=*/4ul);\n\nLet\u0027s limit the max value of dctcp_shift_g by param_set_uint_minmax().\n\nWith this patch:\n\n  # echo 10 \u003e /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n  # cat /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n  10\n  # echo 11 \u003e /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n  -bash: echo: write error: Invalid argument\n\n[0]:\nUBSAN: shift-out-of-bounds in net/ipv4/tcp_dctcp.c:143:12\nshift exponent 100 is too large for 32-bit type \u0027u32\u0027 (aka \u0027unsigned int\u0027)\nCPU: 0 PID: 8083 Comm: syz-executor345 Not tainted 6.9.0-05151-g1b294a1f3561 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:114\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_shift_out_of_bounds+0x346/0x3a0 lib/ubsan.c:468\n dctcp_update_alpha+0x540/0x570 net/ipv4/tcp_dctcp.c:143\n tcp_in_ack_event net/ipv4/tcp_input.c:3802 [inline]\n tcp_ack+0x17b1/0x3bc0 net/ipv4/tcp_input.c:3948\n tcp_rcv_state_process+0x57a/0x2290 net/ipv4/tcp_input.c:6711\n tcp_v4_do_rcv+0x764/0xc40 net/ipv4/tcp_ipv4.c:1937\n sk_backlog_rcv include/net/sock.h:1106 [inline]\n __release_sock+0x20f/0x350 net/core/sock.c:2983\n release_sock+0x61/0x1f0 net/core/sock.c:3549\n mptcp_subflow_shutdown+0x3d0/0x620 net/mptcp/protocol.c:2907\n mptcp_check_send_data_fin+0x225/0x410 net/mptcp/protocol.c:2976\n __mptcp_close+0x238/0xad0 net/mptcp/protocol.c:3072\n mptcp_close+0x2a/0x1a0 net/mptcp/protocol.c:3127\n inet_release+0x190/0x1f0 net/ipv4/af_inet.c:437\n __sock_release net/socket.c:659 [inline]\n sock_close+0xc0/0x240 net/socket.c:1421\n __fput+0x41b/0x890 fs/file_table.c:422\n task_work_run+0x23b/0x300 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x9c8/0x2540 kernel/exit.c:878\n do_group_exit+0x201/0x2b0 kernel/exit.c:1027\n __do_sys_exit_group kernel/exit.c:1038 [inline]\n __se_sys_exit_group kernel/exit.c:1036 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1036\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xe4/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x7f6c2b5005b6\nCode: Unable to access opcode bytes at 0x7f6c2b50058c.\nRSP: 002b:00007ffe883eb948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 00007f6c2b5862f0 RCX: 00007f6c2b5005b6\nRDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001\nRBP: 0000000000000001 R08: 00000000000000e7 R09: ffffffffffffffc0\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007f6c2b5862f0\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:47:30.546Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/6aacaa80d962f4916ccf90e2080306cec6c90fcf"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9b2f60636d18dfd0dd4965b3316f88dfd6a2b31"
        },
        {
          "url": "https://git.kernel.org/stable/c/8602150286a2a860a1dc55cbd04f99316f19b40a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e65d13ec00a738fa7661925fd5929ab3c765d4be"
        },
        {
          "url": "https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c"
        },
        {
          "url": "https://git.kernel.org/stable/c/237340dee373b97833a491d2e99fcf1d4a9adafd"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ebc46ca8675de6378e3f8f40768e180bb8afa66"
        }
      ],
      "title": "tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-37356",
    "datePublished": "2024-06-21T10:18:11.642Z",
    "dateReserved": "2024-06-21T10:13:16.306Z",
    "dateUpdated": "2024-08-02T03:50:55.998Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-52884

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 23:18

Severity

Summary

Input: cyapa - add missing input core locking to suspend/resume functions

References

URL	Tags
https://git.kernel.org/stable/c/f99809fdeb50d65bcbc1661ef391af94eebb8a75
https://git.kernel.org/stable/c/9400caf566f65c703e99d95f87b00c4b445627a7
https://git.kernel.org/stable/c/a4c638ab25786bd5aab5978fe51b2b9be16a4ebd
https://git.kernel.org/stable/c/a5fc298fa8f67cf1f0e1fc126eab70578cd40adc
https://git.kernel.org/stable/c/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52884",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T17:50:27.641770Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T17:50:50.592Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f99809fdeb50d65bcbc1661ef391af94eebb8a75"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9400caf566f65c703e99d95f87b00c4b445627a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a4c638ab25786bd5aab5978fe51b2b9be16a4ebd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a5fc298fa8f67cf1f0e1fc126eab70578cd40adc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/input/mouse/cyapa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f99809fdeb50",
              "status": "affected",
              "version": "d69f0a43c677",
              "versionType": "git"
            },
            {
              "lessThan": "9400caf566f6",
              "status": "affected",
              "version": "d69f0a43c677",
              "versionType": "git"
            },
            {
              "lessThan": "a4c638ab2578",
              "status": "affected",
              "version": "d69f0a43c677",
              "versionType": "git"
            },
            {
              "lessThan": "a5fc298fa8f6",
              "status": "affected",
              "version": "d69f0a43c677",
              "versionType": "git"
            },
            {
              "lessThan": "7b4e0b39182c",
              "status": "affected",
              "version": "d69f0a43c677",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/input/mouse/cyapa.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: cyapa - add missing input core locking to suspend/resume functions\n\nGrab input-\u003emutex during suspend/resume functions like it is done in\nother input drivers. This fixes the following warning during system\nsuspend/resume cycle on Samsung Exynos5250-based Snow Chromebook:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G        W          6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---\n...\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G        W          6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:46:38.923Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f99809fdeb50d65bcbc1661ef391af94eebb8a75"
        },
        {
          "url": "https://git.kernel.org/stable/c/9400caf566f65c703e99d95f87b00c4b445627a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4c638ab25786bd5aab5978fe51b2b9be16a4ebd"
        },
        {
          "url": "https://git.kernel.org/stable/c/a5fc298fa8f67cf1f0e1fc126eab70578cd40adc"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b4e0b39182cf5e677c1fc092a3ec40e621c25b6"
        }
      ],
      "title": "Input: cyapa - add missing input core locking to suspend/resume functions",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52884",
    "datePublished": "2024-06-21T10:18:03.669Z",
    "dateReserved": "2024-05-21T15:35:00.782Z",
    "dateUpdated": "2024-08-02T23:18:41.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-31076

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 01:46

Severity

Summary

genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline

References

URL	Tags
https://git.kernel.org/stable/c/a40209d355afe4ed6d533507838c9e5cd70a76d8
https://git.kernel.org/stable/c/f5f4675960609d8c5ee95f027fbf6ce380f98372
https://git.kernel.org/stable/c/6752dfcfff3ac3e16625ebd3f0ad9630900e7e76
https://git.kernel.org/stable/c/9eeda3e0071a329af1eba15f4e57dc39576bb420
https://git.kernel.org/stable/c/e9c96d01d520498b169ce734a8ad1142bef86a30
https://git.kernel.org/stable/c/59f86a2908380d09cdc726461c0fbb8d8579c99f
https://git.kernel.org/stable/c/ebfb16fc057a016abb46a9720a54abf0d4f6abe1
https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:46:03.929Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a40209d355afe4ed6d533507838c9e5cd70a76d8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f5f4675960609d8c5ee95f027fbf6ce380f98372"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6752dfcfff3ac3e16625ebd3f0ad9630900e7e76"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9eeda3e0071a329af1eba15f4e57dc39576bb420"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e9c96d01d520498b169ce734a8ad1142bef86a30"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/59f86a2908380d09cdc726461c0fbb8d8579c99f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ebfb16fc057a016abb46a9720a54abf0d4f6abe1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/apic/vector.c",
            "kernel/irq/cpuhotplug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a40209d355af",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "f5f467596060",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "6752dfcfff3a",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "9eeda3e0071a",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "e9c96d01d520",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "59f86a290838",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "ebfb16fc057a",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            },
            {
              "lessThan": "a6c11c0a5235",
              "status": "affected",
              "version": "f0383c24b485",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/apic/vector.c",
            "kernel/irq/cpuhotplug.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd-\u003emove_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU\u0027s vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd-\u003eprev_vector because the interrupt isn\u0027t currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn\u0027t reclaim apicd-\u003eprev_vector; instead, it simply resets both\napicd-\u003emove_in_progress and apicd-\u003eprev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd-\u003eprev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd-\u003emove_in_progress with apicd-\u003eprev_cpu pointing to an offline CPU."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:46:40.155Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a40209d355afe4ed6d533507838c9e5cd70a76d8"
        },
        {
          "url": "https://git.kernel.org/stable/c/f5f4675960609d8c5ee95f027fbf6ce380f98372"
        },
        {
          "url": "https://git.kernel.org/stable/c/6752dfcfff3ac3e16625ebd3f0ad9630900e7e76"
        },
        {
          "url": "https://git.kernel.org/stable/c/9eeda3e0071a329af1eba15f4e57dc39576bb420"
        },
        {
          "url": "https://git.kernel.org/stable/c/e9c96d01d520498b169ce734a8ad1142bef86a30"
        },
        {
          "url": "https://git.kernel.org/stable/c/59f86a2908380d09cdc726461c0fbb8d8579c99f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ebfb16fc057a016abb46a9720a54abf0d4f6abe1"
        },
        {
          "url": "https://git.kernel.org/stable/c/a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32"
        }
      ],
      "title": "genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-31076",
    "datePublished": "2024-06-21T10:18:04.335Z",
    "dateReserved": "2024-06-21T10:13:16.276Z",
    "dateUpdated": "2024-08-02T01:46:03.929Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38390

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 04:12

Severity

Summary

drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails

References

URL	Tags
https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec
https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d
https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f
https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:12:24.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a6xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "247849eeb3fd",
              "status": "affected",
              "version": "76efc2453d0e",
              "versionType": "git"
            },
            {
              "lessThan": "a1955a6df913",
              "status": "affected",
              "version": "76efc2453d0e",
              "versionType": "git"
            },
            {
              "lessThan": "617e3d168050",
              "status": "affected",
              "version": "76efc2453d0e",
              "versionType": "git"
            },
            {
              "lessThan": "46d4efcccc68",
              "status": "affected",
              "version": "76efc2453d0e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/adreno/a6xx_gpu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\n\nCalling a6xx_destroy() before adreno_gpu_init() leads to a null pointer\ndereference on:\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu-\u003epdev, NULL);\n\nas gpu-\u003epdev is only assigned in:\n\na6xx_gpu_init()\n|_ adreno_gpu_init\n    |_ msm_gpu_init()\n\nInstead of relying on handwavy null checks down the cleanup chain,\nexplicitly de-allocate the LLC data and free a6xx_gpu instead.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588919/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:47:37.744Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/247849eeb3fd88f8990ed73e33af70d5c10f9aec"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1955a6df91355fef72a3a254700acd3cc1fec0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/617e3d1680504a3f9d88e1582892c68be155498f"
        },
        {
          "url": "https://git.kernel.org/stable/c/46d4efcccc688cbacdd70a238bedca510acaa8e4"
        }
      ],
      "title": "drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38390",
    "datePublished": "2024-06-21T10:18:13.639Z",
    "dateReserved": "2024-06-21T10:12:11.484Z",
    "dateUpdated": "2024-08-02T04:12:24.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38621

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 04:12

Severity

Summary

media: stk1160: fix bounds checking in stk1160_copy_video()

References

URL	Tags
https://git.kernel.org/stable/c/f6a392266276730bea893b55d12940e32a25f56a
https://git.kernel.org/stable/c/ecf4ddc3aee8ade504c4d36b7b4053ce6093e200
https://git.kernel.org/stable/c/a16775828aaed1c54ff4e6fe83e8e4d5c6a50cb7
https://git.kernel.org/stable/c/7532bcec0797adfa08791301c3bcae14141db3bd
https://git.kernel.org/stable/c/b504518a397059e1d55c521ba0ea2b545a6c4b52
https://git.kernel.org/stable/c/d410017a7181cb55e4a5c810b32b75e4416c6808
https://git.kernel.org/stable/c/a08492832cc4cacc24e0612f483c86ca899b9261
https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:12:25.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f6a392266276730bea893b55d12940e32a25f56a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ecf4ddc3aee8ade504c4d36b7b4053ce6093e200"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a16775828aaed1c54ff4e6fe83e8e4d5c6a50cb7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7532bcec0797adfa08791301c3bcae14141db3bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b504518a397059e1d55c521ba0ea2b545a6c4b52"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d410017a7181cb55e4a5c810b32b75e4416c6808"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a08492832cc4cacc24e0612f483c86ca899b9261"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/stk1160/stk1160-video.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f6a392266276",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "ecf4ddc3aee8",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "a16775828aae",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "7532bcec0797",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "b504518a3970",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "d410017a7181",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "a08492832cc4",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            },
            {
              "lessThan": "faa4364bef2e",
              "status": "affected",
              "version": "9cb2173e6ea8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/usb/stk1160/stk1160-video.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.7"
            },
            {
              "lessThan": "3.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed.  The -\u003elength is the length\nof the buffer.  The -\u003ebytesused is how many bytes we have copied thus\nfar.  When the condition is reversed that means the result of the\nsubtraction is always negative but since it\u0027s unsigned then the result\nis a very high positive value.  That means the overflow check is never\ntrue.\n\nAdditionally, the -\u003ebytesused doesn\u0027t actually work for this purpose\nbecause we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\".  Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved.  You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn.  Otherwise, write up to buf-\u003elength bytes."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:49:14.722Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f6a392266276730bea893b55d12940e32a25f56a"
        },
        {
          "url": "https://git.kernel.org/stable/c/ecf4ddc3aee8ade504c4d36b7b4053ce6093e200"
        },
        {
          "url": "https://git.kernel.org/stable/c/a16775828aaed1c54ff4e6fe83e8e4d5c6a50cb7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7532bcec0797adfa08791301c3bcae14141db3bd"
        },
        {
          "url": "https://git.kernel.org/stable/c/b504518a397059e1d55c521ba0ea2b545a6c4b52"
        },
        {
          "url": "https://git.kernel.org/stable/c/d410017a7181cb55e4a5c810b32b75e4416c6808"
        },
        {
          "url": "https://git.kernel.org/stable/c/a08492832cc4cacc24e0612f483c86ca899b9261"
        },
        {
          "url": "https://git.kernel.org/stable/c/faa4364bef2ec0060de381ff028d1d836600a381"
        }
      ],
      "title": "media: stk1160: fix bounds checking in stk1160_copy_video()",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38621",
    "datePublished": "2024-06-21T10:18:14.955Z",
    "dateReserved": "2024-06-18T19:36:34.945Z",
    "dateUpdated": "2024-08-02T04:12:25.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-36489

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 03:37

Severity

Summary

tls: fix missing memory barrier in tls_init

References

URL	Tags
https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071
https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b
https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b
https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c
https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b
https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tls/tls_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d72e126e9a36",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            },
            {
              "lessThan": "2c260a24cf1c",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            },
            {
              "lessThan": "335c8f1566d8",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            },
            {
              "lessThan": "ab67c2fd3d07",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            },
            {
              "lessThan": "ef21007a7b58",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            },
            {
              "lessThan": "91e61dd7a0af",
              "status": "affected",
              "version": "d5bee7374b68",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tls/tls_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix missing memory barrier in tls_init\n\nIn tls_init(), a write memory barrier is missing, and store-store\nreordering may cause NULL dereference in tls_{setsockopt,getsockopt}.\n\nCPU0                               CPU1\n-----                              -----\n// In tls_init()\n// In tls_ctx_create()\nctx = kzalloc()\nctx-\u003esk_proto = READ_ONCE(sk-\u003esk_prot) -(1)\n\n// In update_sk_prot()\nWRITE_ONCE(sk-\u003esk_prot, tls_prots)     -(2)\n\n                                   // In sock_common_setsockopt()\n                                   READ_ONCE(sk-\u003esk_prot)-\u003esetsockopt()\n\n                                   // In tls_{setsockopt,getsockopt}()\n                                   ctx-\u003esk_proto-\u003esetsockopt()    -(3)\n\nIn the above scenario, when (1) and (2) are reordered, (3) can observe\nthe NULL value of ctx-\u003esk_proto, causing NULL dereference.\n\nTo fix it, we rely on rcu_assign_pointer() which implies the release\nbarrier semantic. By moving rcu_assign_pointer() after ctx-\u003esk_proto is\ninitialized, we can ensure that ctx-\u003esk_proto are visible when\nchanging sk-\u003esk_prot."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:47:07.280Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d72e126e9a36d3d33889829df8fc90100bb0e071"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c260a24cf1c4d30ea3646124f766ee46169280b"
        },
        {
          "url": "https://git.kernel.org/stable/c/335c8f1566d8e44c384d16b450a18554896d4e8b"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab67c2fd3d070a21914d0c31319d3858ab4e199c"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef21007a7b581c7fe64d5a10c320880a033c837b"
        },
        {
          "url": "https://git.kernel.org/stable/c/91e61dd7a0af660408e87372d8330ceb218be302"
        }
      ],
      "title": "tls: fix missing memory barrier in tls_init",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-36489",
    "datePublished": "2024-06-21T10:18:10.327Z",
    "dateReserved": "2024-06-21T10:12:11.459Z",
    "dateUpdated": "2024-08-02T03:37:05.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37353

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-08-21T23:54:07.622Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-37353",
    "datePublished": "2024-06-21T10:18:10.995Z",
    "dateRejected": "2024-08-21T23:54:07.622Z",
    "dateReserved": "2024-06-21T10:13:16.289Z",
    "dateUpdated": "2024-08-21T23:54:07.622Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38381

Vulnerability from cvelistv5

Published

2024-06-21 10:18

Modified

2024-08-02 04:04

Severity

Summary

nfc: nci: Fix uninit-value in nci_rx_work

References

URL	Tags
https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6
https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619
https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1
https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe
https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3
https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea
https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c
https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:04:25.281Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/nci/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "406cfac9debd",
              "status": "affected",
              "version": "11387b2effbb",
              "versionType": "git"
            },
            {
              "lessThan": "485ded868ed6",
              "status": "affected",
              "version": "03fe259649a5",
              "versionType": "git"
            },
            {
              "lessThan": "f80b786ab055",
              "status": "affected",
              "version": "755e53bbc61b",
              "versionType": "git"
            },
            {
              "lessThan": "ad4d196d2008",
              "status": "affected",
              "version": "ac68d9fa09e4",
              "versionType": "git"
            },
            {
              "lessThan": "e8c8e0d0d214",
              "status": "affected",
              "version": "b51ec7fc9f87",
              "versionType": "git"
            },
            {
              "lessThan": "e53a7f8afcbd",
              "status": "affected",
              "version": "a946ebee45b0",
              "versionType": "git"
            },
            {
              "lessThan": "017ff3976249",
              "status": "affected",
              "version": "d24b03535e5e",
              "versionType": "git"
            },
            {
              "lessThan": "e4a87abf5885",
              "status": "affected",
              "version": "d24b03535e5e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/nci/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.9"
            },
            {
              "lessThan": "6.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.316",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.278",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.219",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.161",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.93",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.33",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.4",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_rx_work\n\nsyzbot reported the following uninit-value access issue [1]\n\nnci_rx_work() parses received packet from ndev-\u003erx_q. It should be\nvalidated header size, payload size and total packet size before\nprocessing the packet. If an invalid packet is detected, it should be\nsilently discarded."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T06:47:32.840Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/406cfac9debd4a6d3dc5d9258ee086372a8c08b6"
        },
        {
          "url": "https://git.kernel.org/stable/c/485ded868ed62ceb2acb3a459d7843fd71472619"
        },
        {
          "url": "https://git.kernel.org/stable/c/f80b786ab0550d0020191a59077b2c7e069db2d1"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad4d196d2008c7f413167f0a693feb4f0439d7fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/e8c8e0d0d214c877fbad555df5b3ed558cd9b0c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/e53a7f8afcbd2886f2a94c5d56757328109730ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/017ff397624930fd7ac7f1761f3c9d6a7100f68c"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4a87abf588536d1cdfb128595e6e680af5cf3ed"
        }
      ],
      "title": "nfc: nci: Fix uninit-value in nci_rx_work",
      "x_generator": {
        "engine": "bippy-c9c4e1df01b2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-38381",
    "datePublished": "2024-06-21T10:18:12.302Z",
    "dateReserved": "2024-06-21T10:12:11.547Z",
    "dateUpdated": "2024-08-02T04:04:25.281Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

Vulnerability from csaf_certbund

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags