Vulnerabilities > Linux > Linux Kernel > 5.4.130

DATE CVE VULNERABILITY TITLE RISK
2024-11-08 CVE-2024-50183 Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down.
local
high complexity
linux CWE-362
4.7
2024-11-08 CVE-2024-50184 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtio_pmem_flush(), causing the system to hang. So add a status check in the beginning of virtio_pmem_flush() to return early if the device is not activated.
local
low complexity
linux CWE-754
5.5
2024-11-08 CVE-2024-50187 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped.
local
low complexity
linux
5.5
2024-11-08 CVE-2024-50191 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONLY flag to stop all filesystem modifications.
local
low complexity
linux
5.5
2024-11-08 CVE-2024-50193 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: x86/entry_32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to exc_nmi, but before register state is restored.
local
low complexity
linux
7.1
2024-11-08 CVE-2024-50194 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in-memory instruction encoding (which is always little-endian) into the kernel's native endianness before analyzing and simulating instructions.
local
low complexity
linux
5.5
2024-11-08 CVE-2024-50195 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tv_sec and tv_nsec range before calling ptp->info->settime64(). As the man manual of clock_settime() said, if tp.tv_sec is negative or tp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL, which include dynamic clocks which handles PTP clock, and the condition is consistent with timespec64_valid().
local
low complexity
linux CWE-754
5.5
2024-11-08 CVE-2024-50196 Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: pinctrl: ocelot: fix system hang on level based interrupts The current implementation only calls chained_irq_enter() and chained_irq_exit() if it detects pending interrupts. ``` for (i = 0; i < info->stride; i++) { uregmap_read(info->map, id_reg + 4 * i, &reg); if (!reg) continue; chained_irq_enter(parent_chip, desc); ``` However, in case of GPIO pin configured in level mode and the parent controller configured in edge mode, GPIO interrupt might be lowered by the hardware.
local
low complexity
linux CWE-754
5.5
2024-11-08 CVE-2024-50202 Improper Handling of Exceptional Conditions vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2. The root cause of this problem is that in nilfs_find_entry(), which searches for directory entries, ignores errors when loading a directory page/folio via nilfs_get_folio() fails. If the filesystem images is corrupted, and the i_size of the directory inode is large, and the directory page/folio is successfully read but fails the sanity check, for example when it is zero-filled, nilfs_check_folio() may continue to spit out error messages in bursts. Fix this issue by propagating the error to the callers when loading a page/folio fails in nilfs_find_entry(). The current interface of nilfs_find_entry() and its callers is outdated and cannot propagate error codes such as -EIO and -ENOMEM returned via nilfs_find_entry(), so fix it together.
local
low complexity
linux CWE-755
5.5
2024-11-08 CVE-2024-50205 Divide By Zero vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero.
local
low complexity
linux CWE-369
5.5