Vulnerabilities > Linux > Linux Kernel > 6.7.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-01 | CVE-2024-26962 | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. | 5.5 |
| 2024-05-01 | CVE-2024-26964 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma Currently xhci_map_urb_for_dma() creates a temporary buffer and copies the SG list to the new linear buffer. | 5.5 |
| 2024-05-01 | CVE-2024-26966 | Improper Validation of Array Index vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. | 5.5 |
| 2024-05-01 | CVE-2024-26968 | Improper Validation of Array Index vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. | 5.5 |
| 2024-05-01 | CVE-2024-26969 | Improper Validation of Array Index vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. | 5.5 |
| 2024-05-01 | CVE-2024-26971 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. | 5.5 |
| 2024-05-01 | CVE-2024-26973 | In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. | 5.5 |
| 2024-05-01 | CVE-2024-26974 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER system's error recovery process, the kernel driver may encounter a race condition with freeing the reset_data structure's memory. | 7.0 |
| 2024-05-01 | CVE-2024-26975 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix a NULL pointer dereference A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intel_rapl_common CPU model list. This is because the intel_rapl_common module still probes on such platforms even if 'defaults_msr' is not set after commit 1488ac990ac8 ("powercap: intel_rapl: Allow probing without CPUID match"). | 5.5 |
| 2024-05-01 | CVE-2024-26978 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation When trying to instantiate a max14830 device from userspace: echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_device we get the following error: Unable to handle kernel NULL pointer dereference at virtual address... ... Call trace: max310x_i2c_probe+0x48/0x170 [max310x] i2c_device_probe+0x150/0x2a0 ... Add check for validity of devtype to prevent the error, and abort probe with a meaningful error message. | 5.5 |