cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-56764,https://securityvulnerability.io/vulnerability/CVE-2024-56764,,"In the Linux kernel, the following vulnerability has been resolved: ublk: detach gendisk from ublk device if add_disk() fails Inside ublk_abort_requests(), gendisk is grabbed for aborting all inflight requests. And ublk_abort_requests() is called when exiting the uring context or handling timeout. If add_disk() fails, the gendisk may have been freed when calling ublk_abort_requests(), so use-after-free can be caused when getting disk's reference in ublk_abort_requests(). Fixes the bug by detaching gendisk from ublk device if add_disk() fails.",Linux,Linux,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56758,https://securityvulnerability.io/vulnerability/CVE-2024-56758,,"In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we unlock the folio. The result of that is that a different thread can modify the mapping (like remove it with invalidate) before we call folio_lock(). This results in an invalid page and we need to try again. In particular, if we are relocating concurrently with aborting a transaction, this can result in a crash like the following: BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] SMP CPU: 76 PID: 1411631 Comm: kworker/u322:5 Workqueue: events_unbound btrfs_reclaim_bgs_work RIP: 0010:set_page_extent_mapped+0x20/0xb0 RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246 RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880 RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0 R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000 R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? __die+0x78/0xc0 ? page_fault_oops+0x2a8/0x3a0 ? __switch_to+0x133/0x530 ? wq_worker_running+0xa/0x40 ? exc_page_fault+0x63/0x130 ? asm_exc_page_fault+0x22/0x30 ? set_page_extent_mapped+0x20/0xb0 relocate_file_extent_cluster+0x1a7/0x940 relocate_data_extent+0xaf/0x120 relocate_block_group+0x20f/0x480 btrfs_relocate_block_group+0x152/0x320 btrfs_relocate_chunk+0x3d/0x120 btrfs_reclaim_bgs_work+0x2ae/0x4e0 process_scheduled_works+0x184/0x370 worker_thread+0xc6/0x3e0 ? blk_add_timer+0xb0/0xb0 kthread+0xae/0xe0 ? flush_tlb_kernel_range+0x90/0x90 ret_from_fork+0x2f/0x40 ? flush_tlb_kernel_range+0x90/0x90 ret_from_fork_asm+0x11/0x20 This occurs because cleanup_one_transaction() calls destroy_delalloc_inodes() which calls invalidate_inode_pages2() which takes the folio_lock before setting mapping to NULL. We fail to check this, and subsequently call set_extent_mapping(), which assumes that mapping != NULL (in fact it asserts that in debug mode) Note that the ""fixes"" patch here is not the one that introduced the race (the very first iteration of this code from 2009) but a more recent change that made this particular crash happen in practice.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56766,https://securityvulnerability.io/vulnerability/CVE-2024-56766,,"In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double free in atmel_pmecc_create_user() The ""user"" pointer was converted from being allocated with kzalloc() to being allocated by devm_kzalloc(). Calling kfree(user) will lead to a double free.",Linux,Linux,7.8,HIGH,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56768,https://securityvulnerability.io/vulnerability/CVE-2024-56768,,"In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP On x86-64 calling bpf_get_smp_processor_id() in a kernel with CONFIG_SMP disabled can trigger the following bug, as pcpu_hot is unavailable: [ 8.471774] BUG: unable to handle page fault for address: 00000000936a290c [ 8.471849] #PF: supervisor read access in kernel mode [ 8.471881] #PF: error_code(0x0000) - not-present page Fix by inlining a return 0 in the !CONFIG_SMP case.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56765,https://securityvulnerability.io/vulnerability/CVE-2024-56765,,"In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Add close() callback in vas_vm_ops struct The mapping VMA address is saved in VAS window struct when the paste address is mapped. This VMA address is used during migration to unmap the paste address if the window is active. The paste address mapping will be removed when the window is closed or with the munmap(). But the VMA address in the VAS window is not updated with munmap() which is causing invalid access during migration. The KASAN report shows: [16386.254991] BUG: KASAN: slab-use-after-free in reconfig_close_windows+0x1a0/0x4e8 [16386.255043] Read of size 8 at addr c00000014a819670 by task drmgr/696928 [16386.255096] CPU: 29 UID: 0 PID: 696928 Comm: drmgr Kdump: loaded Tainted: G B 6.11.0-rc5-nxgzip #2 [16386.255128] Tainted: [B]=BAD_PAGE [16386.255148] Hardware name: IBM,9080-HEX Power11 (architected) 0x820200 0xf000007 of:IBM,FW1110.00 (NH1110_016) hv:phyp pSeries [16386.255181] Call Trace: [16386.255202] [c00000016b297660] [c0000000018ad0ac] dump_stack_lvl+0x84/0xe8 (unreliable) [16386.255246] [c00000016b297690] [c0000000006e8a90] print_report+0x19c/0x764 [16386.255285] [c00000016b297760] [c0000000006e9490] kasan_report+0x128/0x1f8 [16386.255309] [c00000016b297880] [c0000000006eb5c8] __asan_load8+0xac/0xe0 [16386.255326] [c00000016b2978a0] [c00000000013f898] reconfig_close_windows+0x1a0/0x4e8 [16386.255343] [c00000016b297990] [c000000000140e58] vas_migration_handler+0x3a4/0x3fc [16386.255368] [c00000016b297a90] [c000000000128848] pseries_migrate_partition+0x4c/0x4c4 ... [16386.256136] Allocated by task 696554 on cpu 31 at 16377.277618s: [16386.256149] kasan_save_stack+0x34/0x68 [16386.256163] kasan_save_track+0x34/0x80 [16386.256175] kasan_save_alloc_info+0x58/0x74 [16386.256196] __kasan_slab_alloc+0xb8/0xdc [16386.256209] kmem_cache_alloc_noprof+0x200/0x3d0 [16386.256225] vm_area_alloc+0x44/0x150 [16386.256245] mmap_region+0x214/0x10c4 [16386.256265] do_mmap+0x5fc/0x750 [16386.256277] vm_mmap_pgoff+0x14c/0x24c [16386.256292] ksys_mmap_pgoff+0x20c/0x348 [16386.256303] sys_mmap+0xd0/0x160 ... [16386.256350] Freed by task 0 on cpu 31 at 16386.204848s: [16386.256363] kasan_save_stack+0x34/0x68 [16386.256374] kasan_save_track+0x34/0x80 [16386.256384] kasan_save_free_info+0x64/0x10c [16386.256396] __kasan_slab_free+0x120/0x204 [16386.256415] kmem_cache_free+0x128/0x450 [16386.256428] vm_area_free_rcu_cb+0xa8/0xd8 [16386.256441] rcu_do_batch+0x2c8/0xcf0 [16386.256458] rcu_core+0x378/0x3c4 [16386.256473] handle_softirqs+0x20c/0x60c [16386.256495] do_softirq_own_stack+0x6c/0x88 [16386.256509] do_softirq_own_stack+0x58/0x88 [16386.256521] __irq_exit_rcu+0x1a4/0x20c [16386.256533] irq_exit+0x20/0x38 [16386.256544] interrupt_async_exit_prepare.constprop.0+0x18/0x2c ... [16386.256717] Last potentially related work creation: [16386.256729] kasan_save_stack+0x34/0x68 [16386.256741] __kasan_record_aux_stack+0xcc/0x12c [16386.256753] __call_rcu_common.constprop.0+0x94/0xd04 [16386.256766] vm_area_free+0x28/0x3c [16386.256778] remove_vma+0xf4/0x114 [16386.256797] do_vmi_align_munmap.constprop.0+0x684/0x870 [16386.256811] __vm_munmap+0xe0/0x1f8 [16386.256821] sys_munmap+0x54/0x6c [16386.256830] system_call_exception+0x1a0/0x4a0 [16386.256841] system_call_vectored_common+0x15c/0x2ec [16386.256868] The buggy address belongs to the object at c00000014a819670 which belongs to the cache vm_area_struct of size 168 [16386.256887] The buggy address is located 0 bytes inside of freed 168-byte region [c00000014a819670, c00000014a819718) [16386.256915] The buggy address belongs to the physical page: [16386.256928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14a81 [16386.256950] memcg:c0000000ba430001 [16386.256961] anon flags: 0x43ffff800000000(node=4|zone=0|lastcpupid=0x7ffff) [16386.256975] page_type: 0xfdffffff(slab) [16386 ---truncated---",Linux,Linux,7.8,HIGH,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56757,https://securityvulnerability.io/vulnerability/CVE-2024-56757,,"In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect. Removing BT usb dongle without properly releasing the interface may cause Kernel panic while unregister hci device.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56760,https://securityvulnerability.io/vulnerability/CVE-2024-56760,,"In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platform which does not provide PCI/MSI support: WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121 pci_msi_setup_msi_irqs+0x2c/0x32 __pci_enable_msix_range+0x30c/0x596 pci_msi_setup_msi_irqs+0x2c/0x32 pci_alloc_irq_vectors_affinity+0xb8/0xe2 RISCV uses hierarchical interrupt domains and correctly does not implement the legacy fallback. The warning triggers from the legacy fallback stub. That warning is bogus as the PCI/MSI layer knows whether a PCI/MSI parent domain is associated with the device or not. There is a check for MSI-X, which has a legacy assumption. But that legacy fallback assumption is only valid when legacy support is enabled, but otherwise the check should simply return -ENOTSUPP. Loongarch tripped over the same problem and blindly enabled legacy support without implementing the legacy fallbacks. There are weak implementations which return an error, so the problem was papered over. Correct pci_msi_domain_supports() to evaluate the legacy mode and add the missing supported check into the MSI enable path to complete it.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56759,https://securityvulnerability.io/vulnerability/CVE-2024-56759,,"In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled (CONFIG_PREEMPT=y), we can trigger a use-after-free in the COWed extent buffer while inside the tracepoint code. This is because in some paths that call btrfs_cow_block(), such as btrfs_search_slot(), we are holding the last reference on the extent buffer @buf so btrfs_force_cow_block() drops the last reference on the @buf extent buffer when it calls free_extent_buffer_stale(buf), which schedules the release of the extent buffer with RCU. This means that if we are on a kernel with preemption, the current task may be preempted before calling trace_btrfs_cow_block() and the extent buffer already released by the time trace_btrfs_cow_block() is called, resulting in a use-after-free. Fix this by moving the trace_btrfs_cow_block() from btrfs_cow_block() to btrfs_force_cow_block() before the COWed extent buffer is freed. This also has a side effect of invoking the tracepoint in the tree defrag code, at defrag.c:btrfs_realloc_node(), since btrfs_force_cow_block() is called there, but this is fine and it was actually missing there.",Linux,Linux,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56769,https://securityvulnerability.io/vulnerability/CVE-2024-56769,,"In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values. Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem. [1] Syzkaller report dvb-usb: bulk message failed: -22 (6/0) ===================================================== BUG: KMSAN: uninit-value in dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758 dib3000mb_attach+0x2d8/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758 dibusb_dib3000mb_frontend_attach+0x155/0x2f0 drivers/media/usb/dvb-usb/dibusb-mb.c:31 dvb_usb_adapter_frontend_init+0xed/0x9a0 drivers/media/usb/dvb-usb/dvb-usb-dvb.c:290 dvb_usb_adapter_init drivers/media/usb/dvb-usb/dvb-usb-init.c:90 [inline] dvb_usb_init drivers/media/usb/dvb-usb/dvb-usb-init.c:186 [inline] dvb_usb_device_init+0x25a8/0x3760 drivers/media/usb/dvb-usb/dvb-usb-init.c:310 dibusb_probe+0x46/0x250 drivers/media/usb/dvb-usb/dibusb-mb.c:110 ... Local variable rb created at: dib3000_read_reg+0x86/0x4e0 drivers/media/dvb-frontends/dib3000mb.c:54 dib3000mb_attach+0x123/0x3c0 drivers/media/dvb-frontends/dib3000mb.c:758 ...",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56761,https://securityvulnerability.io/vulnerability/CVE-2024-56761,,"In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH #CPs An indirect branch instruction sets the CPU indirect branch tracker (IBT) into WAIT_FOR_ENDBRANCH (WFE) state and WFE stays asserted across the instruction boundary. When the decoder finds an inappropriate instruction while WFE is set ENDBR, the CPU raises a #CP fault. For the ""kernel IBT no ENDBR"" selftest where #CPs are deliberately triggered, the WFE state of the interrupted context needs to be cleared to let execution continue. Otherwise when the CPU resumes from the instruction that just caused the previous #CP, another missing-ENDBRANCH #CP is raised and the CPU enters a dead loop. This is not a problem with IDT because it doesn't preserve WFE and IRET doesn't set WFE. But FRED provides space on the entry stack (in an expanded CS area) to save and restore the WFE state, thus the WFE state is no longer clobbered, so software must clear it. Clear WFE to avoid dead looping in ibt_clear_fred_wfe() and the !ibt_fatal code path when execution is allowed to continue. Clobbering WFE in any other circumstance is a security-relevant bug. [ dhansen: changelog rewording ]",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56767,https://securityvulnerability.io/vulnerability/CVE-2024-56767,,"In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2024-56763,https://securityvulnerability.io/vulnerability/CVE-2024-56763,,"In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.",Linux,Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-06T17:15:00.000Z,0 CVE-2022-49035,https://securityvulnerability.io/vulnerability/CVE-2022-49035,Buffer Overflow in Linux Kernel Affecting Media Device Communication,"A vulnerability in the Linux kernel presents a potential risk in media device communication, particularly in implementations employing the Consumer Electronics Control (CEC) protocol. The flaw arises from the failure to properly limit the message length to the defined CEC_MAX_MSG_SIZE. Although hardware implementations are expected to constrain this to a maximum of 16 bytes, there is a possibility that this may not be enforced, leaving a corner case open for exploitation. This oversight could allow attackers to conduct unauthorized actions or trigger unexpected behavior within the affected systems. The Linux development community has addressed this issue in recent updates, underscoring the importance of applying security patches promptly.",Linux,Linux,,,0.0004400000034365803,false,false,false,false,false,false,false,2025-01-02T14:38:04.604Z,0 CVE-2024-56756,https://securityvulnerability.io/vulnerability/CVE-2024-56756,Memory Allocation Issue in Linux Kernel's NVMe PCI Implementation,"A memory allocation flaw in the NVMe PCI implementation of the Linux kernel has been identified. This vulnerability arises from the handling of the Host Memory Buffer (HMB) descriptor table, which is designed to accommodate the maximum number of descriptors for a device. However, due to a mismanagement in the __nvme_alloc_host_mem function, the allocation process may prematurely exit on memory allocation failure, resulting in fewer descriptors being utilized than intended. This discrepancy can lead to incorrect memory sizes being passed to the dma_free_coherent function. Although this issue was not prevalent in typical scenarios due to low descriptor counts, it potentially poses a risk in high-demand environments where accurate memory management is crucial.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:20.516Z,0 CVE-2024-56755,https://securityvulnerability.io/vulnerability/CVE-2024-56755,Linux Kernel Vulnerability in FSCACHE Volume Creation Process,"A vulnerability has been identified in the Linux kernel relating to the fscache_create_volume function, where a missing memory barrier between the operations of bit-clearing and process wake-up can lead to potential indefinite waiting issues. This flaw occurs during the volume creation process when multiple cookies interact, causing one process to remain in a waiting state even after the necessary bit-clearing action has been completed. The absence of a barrier does not guarantee the timely detection of this action by the waiting process, leading to a potential deadlock scenario. To resolve this issue, a change was implemented to introduce proper barriers that ensure synchronization between the clear and wake operations.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:19.795Z,0 CVE-2024-56754,https://securityvulnerability.io/vulnerability/CVE-2024-56754,Linux Kernel Vulnerability in CAAM Crypto Driver,"A vulnerability within the Linux kernel's CAAM (Cryptographic Acceleration and Assurance Module) driver has been identified where a pointer type mismatch occurs during the shutdown process. Specifically, the last parameter that is passed to the function 'devm_add_action_or_reset()' is of the type 'struct caam_drv_private *', yet it is incorrectly cast to 'struct device *' in the 'caam_qi_shutdown()' function. This miscasting can prevent resources from being released correctly, potentially leading to memory leaks or undefined behavior. The issue has been addressed in the subsequent patches to ensure the proper parameter type is utilized, thereby safeguarding against related operational risks.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:19.049Z,0 CVE-2024-56753,https://securityvulnerability.io/vulnerability/CVE-2024-56753,Memory Leak in AMD GPU Driver for Linux Kernel,"In the Linux kernel, a vulnerability exists within the AMD GPU driver related to the GFX9 hardware. This vulnerability arises from an omission in the implementation of cleaner shader support. Specifically, the lack of proper deinitialization in the gfx_v9_0_sw_fini function can lead to memory not being released correctly, resulting in potential memory leaks. This situation can compromise the GPU state during subsequent initialization processes, thus affecting overall system stability and performance. The recent patch introduces necessary code to ensure that resources allocated for the cleaner shader are adequately freed, thereby improving memory management and reliability for affected users.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-29T11:30:18.291Z,0 CVE-2024-56752,https://securityvulnerability.io/vulnerability/CVE-2024-56752,Lock Management Flaw in Linux Kernel's Nouveau Driver Affects GPU Performance,"The vulnerability within the Linux kernel's Nouveau driver involves an issue with mutex management that can arise during the execution of the gf100_gr_chan_new() function. Specifically, if the call to gf100_grctx_generate() fails, the necessary action of unlocking the mutex gr->fecs.mutex is not executed prior to return, which may lead to resource contention and potentially unstable GPU functionality. This flaw emphasizes the critical need for proper lock handling to ensure system stability and performance in graphical operations.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:17.555Z,0 CVE-2024-56751,https://securityvulnerability.io/vulnerability/CVE-2024-56751,Linux Kernel IPv6 Device Removal Vulnerability,"A vulnerability in the Linux kernel pertains to the IPv6 subsystem, where improper handling of nexthop references occurs during device removal. This flaw can lead to hangs at the time of device cleanup, specifically when unregistering a network device under load. The vulnerability manifests when the kernel continues referencing a nexthop even after the associated device is set for removal, ultimately impacting overall network performance. Explicit management of the routing information base is necessary to ensure that connections are appropriately severed, preventing the persistent state from causing system instability. The resolution focuses on ensuring that referencing is adequately tracked and released during device disengagement, which is crucial for maintaining the integrity of the networking stack.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:16.805Z,0 CVE-2024-56750,https://securityvulnerability.io/vulnerability/CVE-2024-56750,Linux Kernel Vulnerability in EROFS for File-Backed Mounts,"A vulnerability exists in the Linux kernel's EROFS filesystem that impacts file-backed mounts when the filesystem's block size is set smaller than the PAGE_SIZE. The issue arises from the improper adjustment of the sb->s_blocksize and sb->s_blocksize_bits parameters. This oversight leads to system instability and potential crashes, as the previous method of using sb_set_blocksize() was unsuitable for scenarios where block devices were not employed. It is critical for users operating with affected versions of the Linux kernel to ensure timely updates to mitigate this risk.",Linux,Linux,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2024-12-29T11:30:16.053Z,0 CVE-2024-56749,https://securityvulnerability.io/vulnerability/CVE-2024-56749,Linux Kernel Vulnerability in DLM Component,"A vulnerability in the Linux kernel's Distributed Lock Manager (DLM) component has been identified, which can occur during the member recovery process. Specifically, if the dlm_recover_members() function encounters an error, it fails to release references held by the root_list structure that is critical for maintaining resource state blocks (rsbs) during recovery. This can lead to resource retention issues, particularly in scenarios where ping_members() may be interrupted, causing an erroneous state that could affect overall kernel stability and performance. Ensuring timely updates and patches for affected kernel versions is essential to mitigate these concerns.",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:15.127Z,0 CVE-2024-56748,https://securityvulnerability.io/vulnerability/CVE-2024-56748,Memory Leak in Linux Kernel's QEDF Driver,"A memory leak vulnerability exists in the Linux kernel's QEDF (QLogic Ethernet Driver Framework) driver, specifically in the function qedf_alloc_and_init_sb(). When an initialization step fails, the hook 'qed_ops->common->sb_init' does not properly release allocated DMA memory (sb_virt). The absence of a corresponding dma_free_coherent() function call results in a potential memory leak, impacting system performance and resource utilization. This issue has been addressed in recent kernel updates, ensuring better memory management practices alongside the same approach utilized in other related functions, such as qedr_alloc_mem_sb() and qede_alloc_mem_sb().",Linux,Linux,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,false,false,false,2024-12-29T11:30:14.378Z,0 CVE-2024-56747,https://securityvulnerability.io/vulnerability/CVE-2024-56747,Memory Leak Vulnerability in Linux Kernel Affecting SCSI QEDI Driver,"A memory leak vulnerability exists in the Linux kernel specifically impacting the SCSI QEDI driver, due to improper handling in the qedi_alloc_and_init_sb() function. When the initialization process fails, it does not release the DMA memory allocated for sb_virt, which may lead to resource exhaustion over time. The fix involves implementing dma_free_coherent() to correctly free memory, following the existing practices observed in similar allocation functions like qedr_alloc_mem_sb() and qede_alloc_mem_sb(). Addressing this issue is crucial for maintaining optimal system performance and stability.",Linux,Linux,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2024-12-29T11:30:13.739Z,0 CVE-2024-56746,https://securityvulnerability.io/vulnerability/CVE-2024-56746,Memory Leak Vulnerability in Linux Kernel Affecting fbdev,"A memory leak vulnerability exists in the Linux kernel's fbdev subsystem related to the sh7760 framebuffer device driver. This issue arises when the information, such as info->screen_base, is not initialized correctly. In such cases, invoking the sh7760fb_free_mem() function fails to release the allocated memory, leading to a potential memory leak. The solution involves using dma_free_coherent() to properly free the memory. Addressing this vulnerability is crucial to maintaining the stability and efficiency of systems operating on affected kernel versions.",Linux,Linux,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2024-12-29T11:30:13.074Z,0 CVE-2024-56745,https://securityvulnerability.io/vulnerability/CVE-2024-56745,Memory Leak Vulnerability in Linux Kernel Affecting PCI Functionality,"A vulnerability exists in the Linux kernel's PCI subsystem related to the reset_method_store() function, where improper handling of memory allocation results in memory leaks. The function uses kstrndup() to allocate a string assigned to a local variable named 'options'. During the processing of this string, the strsep() function can set 'options' to NULL if no spaces are found, preventing the allocated memory from being freed correctly. This oversight leads to potential memory leaks that could impact system performance and stability. A fix has been implemented by introducing a separate temporary variable to iterate over the options, ensuring the original memory allocation remains intact for proper deallocation. This resolution aids in safeguarding system resources and maintaining optimal performance.",Linux,Linux,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,false,false,false,2024-12-29T11:30:12.434Z,0