CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53133 – drm/amd/display: Handle dml allocation failure to avoid crash
https://notcve.org/view.php?id=CVE-2024-53133
04 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash [Why] In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dc_state_copy_internal would shallow copy invalid memory and if the new state was released, a double free would occur. [How] Reset dml pointers in new_state to NULL and avoid invalid pointer (cherry picked from commit bcafdc61529a48f6... • https://git.kernel.org/stable/c/874ff59cde8fc525112dda26b501a1bac17dde9f •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53131 – nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
https://notcve.org/view.php?id=CVE-2024-53131
04 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general p... • https://git.kernel.org/stable/c/5305cb830834549b9203ad4d009ad5483c5e293f •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53130 – nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
https://notcve.org/view.php?id=CVE-2024-53130
04 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint When using the "block:block_dirty_buffer" tracepoint, mark_buffer_dirty() may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because, since the tracepoint was added in mark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the ... • https://git.kernel.org/stable/c/5305cb830834549b9203ad4d009ad5483c5e293f •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53128 – sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers
https://notcve.org/view.php?id=CVE-2024-53128
04 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer, while the stack pointer does not have tags. This discrepancy can lead to incorrect stack object detection and subsequently trigger warnings if CONFIG_DEBUG_OBJECTS is also enabled. Example of the w... • https://git.kernel.org/stable/c/2d2b19ed4169c38dc6c61a186c5f7bdafc709691 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53114 – x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
https://notcve.org/view.php?id=CVE-2024-53114
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a random host reboot. These instructions aren't intended to be advertised on Zen4 client so clear the capability. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/CPU/AMD: Borrar VMLOAD/VMSAVE virtualizado en el clie... • https://git.kernel.org/stable/c/00c713f84f477a85e524f34aad8fbd11a1c051f0 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53112 – ocfs2: uncache inode which has failed entering the group
https://notcve.org/view.php?id=CVE-2024-53112
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: <TASK> ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_trap+0x15a/0x3a0 ? • https://git.kernel.org/stable/c/7909f2bf835376a20d6dbf853eb459a27566eba2 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53108 – drm/amd/display: Adjust VSDB parser for replay feature
https://notcve.org/view.php?id=CVE-2024-53108
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. However, this check causes the following out-of-bounds issues when using KASAN: [ 27.804016] BUG: KASAN: slab-out-of-bounds in amdgpu_dm_update_freesync_caps+0xefa/0x17a0 [amdgpu] [ 27.804788] Read of size 1 at addr ffff8881647fdb00 by task systemd-udevd/383 ... [ 27.821207] Memory state... • https://git.kernel.org/stable/c/0a326fbc8f72a320051f27328d4d4e7abdfe68d7 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-53104 – media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
https://notcve.org/view.php?id=CVE-2024-53104
02 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: uvcvideo: Omitir el análisis de fotogramas de tipo UVC_VS_UNDEFINED en uvc_parse_format Esto puede provocar escrituras fuer... • https://git.kernel.org/stable/c/c0efd232929c2cd87238de2cccdaf4e845be5b0c • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52922 – can: bcm: Fix UAF in bcm_proc_show()
https://notcve.org/view.php?id=CVE-2023-52922
28 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80 Read of size 8 at addr ffff888155846230 by task cat/7862 CPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 #230 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Call Trace:
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53101 – fs: Fix uninitialized value issue in from_kuid and from_kgid
https://notcve.org/view.php?id=CVE-2024-53101
25 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0. • https://git.kernel.org/stable/c/a0c77e5e3dcbffc7c6080ccc89c037f0c86496cf •