CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52832 – wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
https://notcve.org/view.php?id=CVE-2023-52832
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/... • https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f • CWE-190: Integer Overflow or Wraparound CWE-920: Improper Restriction of Power Consumption •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52831 – cpu/hotplug: Don't offline the last non-isolated CPU
https://notcve.org/view.php?id=CVE-2023-52831
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() when rebuilding the scheduler domains and a subsequent panic due to and unhandled empty CPU mas in partition_sched_domains_locked(). cpuset_hotplug_workfn() rebuild_sched_domains_locked() ndoms = generate_sched_domains(&doms, &attr); cpu... • https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52828 – bpf: Detect IP == ksym.end as part of BPF program
https://notcve.org/view.php?id=CVE-2023-52828
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one, any instruction following a bpf_throw call will never be marked as seen. Moreover, if a callchain ends up throwing, any instructions after the call instruction to the eventually throwing subprog in callers will a... • https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52826 – drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference
https://notcve.org/view.php?id=CVE-2023-52826
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference In tpg110_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel/panel-tpo-tpg110: corrige una posible desreferencia del puntero null. En tpg110_get_modes(), el valor de r... • https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52825 – drm/amdkfd: Fix a race condition of vram buffer unref in svm code
https://notcve.org/view.php?id=CVE-2023-52825
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange->svm_bo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svm_bo unref operation to avoid random "use-after-free". En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: se corrige una condición de ejecución de vram buffer unref en el código svm prange->svm_bo unref ... • https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52821 – drm/panel: fix a possible null pointer dereference
https://notcve.org/view.php?id=CVE-2023-52821
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel: corrige una posible desreferencia del puntero null. En versatile_panel_get_modes(), el valor de retorno de drm_mo... • https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1 • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52819 – drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
https://notcve.org/view.php?id=CVE-2023-52819
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd: corrige el índice de matriz UBSAN fuera de límites para Polaris y Tonga. Para estructuras pptable que usan tamaños de matriz flexibles, use matrices flexibles. • https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52818 – drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
https://notcve.org/view.php?id=CVE-2023-52818
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd: corrige el índice de matriz UBSAN fuera de límites para SMU7. Para estructuras pptable que usan tamaños de matriz flexibles, use matrices flexibles. Several security issues were discovered in the Linux kernel. An attacker could possibly use thes... • https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498 •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52817 – drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
https://notcve.org/view.php?id=CVE-2023-52817
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log: 1. Navigate to the directory: /sys/kernel/debug/dri/0 2. Execute command: cat amdgpu_regs_smc 3. Exception Log:: [4005007.702554] BU... • https://git.kernel.org/stable/c/bf2d51eedf03bd61e3556e35d74d49e2e6112398 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52816 – drm/amdkfd: Fix shift out-of-bounds issue
https://notcve.org/view.php?id=CVE-2023-52816
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix shift out-of-bounds issue [ 567.613292] shift exponent 255 is too large for 64-bit type 'long unsigned int' [ 567.614498] CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic #34~22.04.1-Ubuntu [ 567.614502] Hardware name: AMD Splinter/Splinter-RPL, BIOS WS43927N_871 09/25/2023 [ 567.614504] Workqueue: events send_exception_work_handler [amdgpu] [ 567.614748] Call Trace: [ 567.614750]