CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46720 – drm/amdgpu: fix dereference after null check
https://notcve.org/view.php?id=CVE-2024-46720
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix dereference after null check check the pointer hive before use. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. ... Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/1b73ea3d97cc23f9b16d10021782b48397d2b517 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46719 – usb: typec: ucsi: Fix null pointer dereference in trace
https://notcve.org/view.php?id=CVE-2024-46719
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. ... • https://git.kernel.org/stable/c/8095bf0579ed4906a33f7bec675bfb29b6b16a3b •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46718 – drm/xe: Don't overmap identity VRAM mapping
https://notcve.org/view.php?id=CVE-2024-46718
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned (to 1G) VRAM chunk. v2: - Always use 2M pages for last chunk (Fei Yang) - break loop when 2M pages are used - Add assert for usable_size being 2M aligned v3: - Fix checkpatch In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overm... • https://git.kernel.org/stable/c/dd08ebf6c3525a7ea2186e636df064ea47281987 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46717 – net/mlx5e: SHAMPO, Fix incorrect page release
https://notcve.org/view.php?id=CVE-2024-46717
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1) No skb created yet 2) header_size == 0 (no SHAMPO header) 3) header_index + 1 % MLX5E_SHAMPO_WQ_HEADER_PER_PAGE == 0 (this is the last page fragment of a SHAMPO header page) a new skb is formed with a page that is NOT a SHAMPO header page (it is a regular data page). In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SH... • https://git.kernel.org/stable/c/03924d117625ecb10ee3c9b65930bcb2c37ae629 •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46716 – dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor
https://notcve.org/view.php?id=CVE-2024-46716
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. ... • https://git.kernel.org/stable/c/a3480e59fdbe5585d2d1eff0bed7671583acf725 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46715 – driver: iio: add missing checks on iio_info's callback access
https://notcve.org/view.php?id=CVE-2024-46715
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a kernel oops such as: [ 2203.527791] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute [...] [ 2203.783416] Call trace: [ 2203.783429] iio_read_channel_info_avail from ... • https://git.kernel.org/stable/c/0cc7e0ee31e5c44904e98e2229d591e093282a70 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46714 – drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
https://notcve.org/view.php?id=CVE-2024-46714
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Callers can pass null in filter (i.e. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Callers can pass null in filter (i.e. from returned from the function wbscl_get_filter_coeffs_16p) and a null check is added to ensure that is not the case. ... • https://git.kernel.org/stable/c/0364f1f17a86d89dc39040beea4f099e60189f1b •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46713 – perf/aux: Fix AUX buffer serialization
https://notcve.org/view.php?id=CVE-2024-46713
13 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. ... • https://git.kernel.org/stable/c/45bfb2e50471abbbfd83d40d28c986078b0d24ff • CWE-662: Improper Synchronization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46712 – drm/vmwgfx: Disable coherent dumb buffers without 3d
https://notcve.org/view.php?id=CVE-2024-46712
13 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. ... In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. • https://git.kernel.org/stable/c/af6441e6f3d41e95bfc5bfc11960c259bb4f0f11 •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46711 – mptcp: pm: fix ID 0 endp usage after multiple re-creations
https://notcve.org/view.php?id=CVE-2024-46711
13 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresses not related to the initial subflow (ID0), because the source and destination addresses of the initial subflows are known from the beginning: they don't count as "additional local address being used" or "ADD_ADDR being accepted". In the Linux kernel, the following vulnerability has been resolved: mp... • https://git.kernel.org/stable/c/3ad14f54bd7448384458e69f0183843f683ecce8 •