CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43910 – bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses
https://notcve.org/view.php?id=CVE-2024-43910
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can continue to make use of this modified CONST_PTR_TO_DYNPTR from within the context of the global function, which can unintentionally result in out-of-bounds memory accesses and therefore compromise overall ... • https://git.kernel.org/stable/c/a64bfe618665ea9c722f922cba8c6e3234eac5ac •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43909 – drm/amdgpu/pm: Fix the null pointer dereference for smu7
https://notcve.org/view.php?id=CVE-2024-43909
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. Supraja Sridhara, Benedict Schlüter, Mark Kuhne... • https://git.kernel.org/stable/c/37b9df457cbcf095963d18f17d6cb7dfa0a03fce •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-43908 – drm/amdgpu: Fix the null pointer dereference to ras_manager
https://notcve.org/view.php?id=CVE-2024-43908
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, an... • https://git.kernel.org/stable/c/ff5c4eb71ee8951c789b079f6e948f86708b04ed •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-43907 – drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules
https://notcve.org/view.php?id=CVE-2024-43907
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference It was discovered that the CIFS network file system implementation in the Linux kernel did n... • https://git.kernel.org/stable/c/c1749313f35b98e2e655479f037db37f19756622 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43906 – drm/admgpu: fix dereferencing null pointer context
https://notcve.org/view.php?id=CVE-2024-43906
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it Chenyuan Y... • https://git.kernel.org/stable/c/896b7addf2dc24908ad87f8ebeff83b2a83b8e04 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-43905 – drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
https://notcve.org/view.php?id=CVE-2024-43905
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridh... • https://git.kernel.org/stable/c/2ac9deb7e087f0b461c3559d9eaa6b9cf19d3fa8 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43904 – drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
https://notcve.org/view.php?id=CVE-2024-43904
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These variables were previously assumed to be null at line 922, but they were used later in the code without checking if they were null. This could potentially lead to a null pointer dereference, which would cause a crash. The null checks ensu... • https://git.kernel.org/stable/c/5e84eda48ffb2363437db44bbd0235594f8a58f9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43902 – drm/amd/display: Add null checker before passing variables
https://notcve.org/view.php?id=CVE-2024-43902
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity. Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Blu... • https://git.kernel.org/stable/c/d0b8b23b9c2ebec693a36fea518d8f13493ad655 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43901 – drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
https://notcve.org/view.php?id=CVE-2024-43901
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: [ +0.000003] BUG: kernel NULL pointer dereference, address: NULL [ +0.000005] #PF: supervisor instruction fetch in kernel mode [ +0.000002] #PF: error_code(0x0010) - not-present page [ +0.000002] PGD 0 P4D 0 [ +0.000004] Oops: 0010 [#1] PREEMPT SMP NOPTI... • https://git.kernel.org/stable/c/1e68b7ce6bc6073579fe8713ec6b85aa9cd2e351 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43900 – media: xc2028: avoid use-after-free in load_firmware_cb()
https://notcve.org/view.php?id=CVE-2024-43900
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller reported use-after-free in load_firmware_cb() [1]. The reason is because the module allocated a struct tuner in tuner_probe(), and then the module initialization failed, the struct tuner was released. A worker which created during module initialization accesses this struct tuner later, it caused use-after-free. The process is as follows: task-6504 worker_thread tuner_probe ... • https://git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e •