CVE-2022-49035 – media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
https://notcve.org/view.php?id=CVE-2022-49035
In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. • https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a https://git.kernel.org/stable/c/fc0f76dd5f116fa9291327024dda392f8b4e849c https://git.kernel.org/stable/c/a2728bf9b6c65e46468c763e3dab7e04839d4e11 https://git.kernel.org/stable/c/4a449430ecfb199b99ba58af63c467eb53500b39 https://git.kernel.org/stable/c/1609231f86760c1f6a429de7913dd795b9faa08c https://git.kernel.org/stable/c/cbfa26936f318b16ccf9ca31b8e8b30c0dc087bd https://git.kernel.org/stable/c/2654e785bd4aa2439cdffbe7dc1ea30a0eddbfe4 https://git.kernel.org/stable/c/93f65ce036863893c164ca410938e0968 •
CVE-2024-56756 – nvme-pci: fix freeing of the HMB descriptor table
https://notcve.org/view.php?id=CVE-2024-56756
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the loop earlier on memory allocation failure and end up using less descriptors than planned for, which leads to an incorrect size passed to dma_free_coherent. In practice this was not showing up because the number of descriptors tends to be low and the dma coherent allocator always allocates and frees at least a page. • https://git.kernel.org/stable/c/87ad72a59a38d1df217cfd95bc222a2edfe5d399 https://git.kernel.org/stable/c/ac22240540e0c5230d8c4138e3778420b712716a https://git.kernel.org/stable/c/452f9ddd12bebc04cef741e8ba3806bf0e1fd015 https://git.kernel.org/stable/c/869cf50b9c9d1059f5223f79ef68fc0bc6210095 https://git.kernel.org/stable/c/fb96d5cfa97a7363245b3dd523f475b04296d87b https://git.kernel.org/stable/c/cee3bff51a35cab1c5d842d409a7b11caefe2386 https://git.kernel.org/stable/c/6d0f599db73b099aa724a12736369c4d4d92849d https://git.kernel.org/stable/c/582d9ed999b004fb1d415ecbfa86d4d8d •
CVE-2024-56748 – scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()
https://notcve.org/view.php?id=CVE-2024-56748
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). • https://git.kernel.org/stable/c/61d8658b4a435eac729966cc94cdda077a8df5cd https://git.kernel.org/stable/c/97384449ddfc07f12ca75f510eb070020d7abb34 https://git.kernel.org/stable/c/a56777a3ef5b35e24a20c4418bcf88bad033807a https://git.kernel.org/stable/c/64654bf5efb3f748e6fc41227adda689618ce9c4 https://git.kernel.org/stable/c/b514f45e0fe18d763a1afc34401b1585333cb329 https://git.kernel.org/stable/c/7c1832287b21ff68c4e3625e63cc7619edf5908b https://git.kernel.org/stable/c/0e04bd5a11dffe8c1c0e4c9fc79f7d3cd6182dd5 https://git.kernel.org/stable/c/78a169dc69fbdaf114c40e2d56955bf6b •
CVE-2024-56747 – scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()
https://notcve.org/view.php?id=CVE-2024-56747
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook "qedi_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). • https://git.kernel.org/stable/c/ace7f46ba5fde7273207c7122b0650ceb72510e0 https://git.kernel.org/stable/c/4e48e5b26b3edc0e1dd329201ffc924a7a1f9337 https://git.kernel.org/stable/c/eaf92fad1f21be63427920c12f22227e5f757424 https://git.kernel.org/stable/c/a4d2011cbe039b25024831427b60ab91ee247066 https://git.kernel.org/stable/c/bb8b45883eb072adba297922b67d1467082ac880 https://git.kernel.org/stable/c/b778b5240485106abf665eb509cc01779ed0cb00 https://git.kernel.org/stable/c/10a6fc486ac40a410f0fb84cc15161238eccd20a https://git.kernel.org/stable/c/cfc76acaf2c4b43d1e140f1e4cbde15ad •
CVE-2024-56746 – fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem()
https://notcve.org/view.php?id=CVE-2024-56746
In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() When information such as info->screen_base is not ready, calling sh7760fb_free_mem() does not release memory correctly. Call dma_free_coherent() instead. • https://git.kernel.org/stable/c/4a25e41831ee851c1365d8b41decc22493b18e6d https://git.kernel.org/stable/c/0d3fb3b3e9d66f7b6346e3b90bc0ff48683539ce https://git.kernel.org/stable/c/d48cbfa90dce506030151915fa3346d67f964af4 https://git.kernel.org/stable/c/29216bb390e36daeebef66abaa02d9751330252b https://git.kernel.org/stable/c/f4fbd70e15fafe36a7583954ce189aaf5536aeec https://git.kernel.org/stable/c/40f4326ed05a3b3537556ff2a844958b9e779a98 https://git.kernel.org/stable/c/3dd9df8e5f34c6fc4217a7498c1fb3c352d4afc2 https://git.kernel.org/stable/c/d10cd53e5a7fb3b7c6f83d4d9a5ea1d97 •