2988 results (0.006 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Syzbot reports [1] an uninitialized value issue found by KMSAN in dib3000_read_reg(). Local u8 rb[2] is used in i2c_transfer() as a read buffer; in case that call fails, the buffer may end up with some undefined values. Since no elaborate error handling is expected in dib3000_write_reg(), simply zero out rb buffer to mitigate the problem. [1] Syzkaller report dvb-usb: bu... • https://git.kernel.org/stable/c/74340b0a8bc60b400c7e5fe4950303aa6f914d16 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will lead to a null pointer dereference. For example, the len input is error, or the atchan->free_descs_list is empty and memory is exhausted. Therefore, add check to avoid this. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: at_xdmac: evitar null_prt_deref en at_xdmac_prep_dma_memset El... • https://git.kernel.org/stable/c/b206d9a23ac71cb905f5fb6e0cd813406f89b678 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tracing: Evitar recuento incorrecto para tracing_cpumask_write Si se proporciona un recuento alto, se activará una advertencia en bitmap_parse_user. También verifique que esté a cero. In the Linux kernel, the following vul... • https://git.kernel.org/stable/c/9e01c1b74c9531e301c900edaa92a99fcb7738f2 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled When a COWing a tree block, at btrfs_cow_block(), and we have the tracepoint trace_btrfs_cow_block() enabled and preemption is also enabled (CONFIG_PREEMPT=y), we can trigger a use-after-free in the COWed extent buffer while inside the tracepoint code. This is because in some paths that call btrfs_cow_block(), such as btrfs_search_slot(), we are holding the last referenc... • https://git.kernel.org/stable/c/c3a403d8ce36f5a809a492581de5ad17843e4701 •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

06 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect. Removing BT usb dongle without properly releasing the interface may cause Kernel panic while unregister hci device. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btusb: mediatek: agre... • https://git.kernel.org/stable/c/cc569d791ab2a0de74f76e470515d25d24c9b84b •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

02 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. • https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the loop earlier on memory allocation failure and end up using less descriptors than planned for, which leads to an incorrect size passed to dma_free_coherent. In practice this was not showing up because the number of descriptors tends to ... • https://git.kernel.org/stable/c/87ad72a59a38d1df217cfd95bc222a2edfe5d399 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed... • https://git.kernel.org/stable/c/61d8658b4a435eac729966cc94cdda077a8df5cd •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = q... • https://git.kernel.org/stable/c/ace7f46ba5fde7273207c7122b0650ceb72510e0 •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0

29 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead. In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() d... • https://git.kernel.org/stable/c/4a25e41831ee851c1365d8b41decc22493b18e6d •