Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-56730	net/9p/usbg: fix handling of the failed kzalloc() memory allocation Description: In the Linux kernel, the following vulnerability has been resolved: net/9p/usbg: fix handling of the failed kzalloc() memory allocation On the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the following error report: ./net/9p/trans_usbg.c:912:5-11: ERROR: allocation function on line 911 returns NULL not ERR_PTR on failure kzalloc() failure is fixed to handle the NULL return case on the memory exhaustion. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56729	smb: Initialize cfid->tcon before performing network ops Description: In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cached_dir_lease_break() and then fail to release the ref in cached_dir_offload_close, since cfid->tcon is still NULL. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56728	octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Description: In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c Add error pointer check after calling otx2_mbox_get_rsp(). EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56727	octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Description: In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56726	octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Description: In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp(). EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56725	octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c Description: In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c Add error pointer check after calling otx2_mbox_get_rsp(). EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56724	mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device Description: In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56723	mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices Description: In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56722	RDMA/hns: Fix cpu stuck caused by printings during reset Description: In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix cpu stuck caused by printings during reset During reset, cmd to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are destroyed, there will be lots of printings, and it may lead to a cpu stuck. Delete some unnecessary printings and replace other printing functions in these paths with the ratelimited version. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)
CVE-2024-56721	x86/CPU/AMD: Terminate the erratum_1386_microcode array Description: In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ended. Add an empty entry to erratum_1386_microcode to its end. EPSS Score: 0.04% Source: CVE December 30th, 2024 (5 months ago)