CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48717 – ASoC: max9759: fix underflow in speaker_gain_control_put()
https://notcve.org/view.php?id=CVE-2022-48717
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_elem_write_user() -> snd_ctl_elem_write() -> kctl->put() En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: max9759: corrige el desbordamiento en altavoz_gain_control_put() Compruebe si hay valores negativos de "priv-&... • https://git.kernel.org/stable/c/fa8d915172b8c10ec0734c4021e99e9705023b07 •
CVSS: 3.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48715 – scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
https://notcve.org/view.php?id=CVE-2022-48715
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver with the hardware enabled. [ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_ [ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699174] CPU: 2 PID: 4355 Comm:... • https://git.kernel.org/stable/c/d576a5e80cd07ea7049f8fd7b303c14df7b5d7d2 •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48712 – ext4: fix error handling in ext4_fc_record_modified_inode()
https://notcve.org/view.php?id=CVE-2022-48712
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that. Also it cleans up some duplicated error handling logic from various functions in fast_commit.c file. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: corrige el manejo de errores en ext4_fc_record_modified_inode()... • https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48711 – tipc: improve size validations for received domain records
https://notcve.org/view.php?id=CVE-2022-48711
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. This patch verifies that the number of members in a received domain record does not exceed the limit defined by MAX_MON_DOMAIN, something that may otherwise lead to a stack overflow. tipc_mon_rcv() is called from the function tipc_link_... • https://git.kernel.org/stable/c/35c55c9877f8de0ab129fa1a309271d0ecc868b9 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47620 – Bluetooth: refactor malicious adv data check
https://notcve.org/view.php?id=CVE-2021-47620
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop processing so that it doesn't get checked after ptr has been advanced. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: refactorización de verificación de datos publicitarios maliciosos. Se estaba realizando u... • https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47619 – i40e: Fix queues reservation for XDP
https://notcve.org/view.php?id=CVE-2021-47619
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12 i40e 0000:87:00.0: setup of MAIN VSI failed BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: 0010:i40e_xdp+0xea/0x1b0 [i40e] Call Trace: ? i40e_reconfig_rss_queues+0x130/0x130 [i40e] ... • https://git.kernel.org/stable/c/41c445ff0f482bb6e6b72dcee9e598e20575f743 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47618 – ARM: 9170/1: fix panic when kasan and kprobe are enabled
https://notcve.org/view.php?id=CVE-2021-47618
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing instruction simulation, it is necessary to construct assembly function execution environment in C language through binding registers. after kasan is enabled, the register binding relationship will be destroyed, resulting... • https://git.kernel.org/stable/c/35aa1df4328340f38edc46f00837f08d33d49f63 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47617 – PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
https://notcve.org/view.php?id=CVE-2021-47617
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot power. Per PCIe r5.0, sec. 6.7.1.8: If a power controller detects a main power fault on the hot-plug slot, it must automatically set its internal main power fault latch [...]. The main power fault latch is cleared when... • https://git.kernel.org/stable/c/a8cc52270f3d8e8f4faf01ffd6c4a95bbfb55ba4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38620 – Bluetooth: HCI: Remove HCI_AMP support
https://notcve.org/view.php?id=CVE-2024-38620
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Remove HCI_AMP support Since BT_HS has been remove HCI_AMP controllers no longer has any use so remove it along with the capability of creating AMP controllers. Since we no longer need to differentiate between AMP and Primary controllers, as only HCI_PRIMARY is left, this also remove hdev->dev_type altogether. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: HCI: eliminar la compatibilidad con HCI_A... • https://git.kernel.org/stable/c/244bc377591c3882f454882357bc730c90cbedb5 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38619 – usb-storage: alauda: Check whether the media is initialized
https://notcve.org/view.php?id=CVE-2024-38619
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). - Add a member "media_initialized" to struct alauda_info. - Change a condition in alauda_check_media() to ensure the first initialization. - Add an error check for the return value of alauda_init_media(). En el kern... • https://git.kernel.org/stable/c/e80b0fade09ef1ee67b0898d480d4c588f124d5f • CWE-457: Use of Uninitialized Variable •