CVE-2023-52867 – drm/radeon: possible buffer overflow
https://notcve.org/view.php?id=CVE-2023-52867
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/radeon: posible desbordamiento del búfer. El búfer 'afmt_status' de tamaño 6 podría desbordarse, ya que el índice 'afmt_idx' se comprueba después del acceso. In the Linux kernel, the following vulnerability has been resolved: drm/radeon: poss... • https://git.kernel.org/stable/c/5cc4e5fc293bfe2634535f544427e8c6061492a5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-52865 – clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52865
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt6797: Agregar verificación para mtk_alloc_clk_data Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. In the Linux kernel, th... • https://git.kernel.org/stable/c/96596aa06628e86ea0e1c08c34b0ccc7619e43ac •
CVE-2023-52864 – platform/x86: wmi: Fix opening of char device
https://notcve.org/view.php?id=CVE-2023-52864
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, which means that private_data will not be NULL when wmi_char_open() is called. This might cause memory corruption should wmi_char_open() be unable to find its driver, something which can happen when the associated WMI device is deleted i... • https://git.kernel.org/stable/c/44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2023-52863 – hwmon: (axi-fan-control) Fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-52863
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (axi-fan-control) Fix possible NULL pointer dereference axi_fan_control_irq_handler(), dependent on the private axi_fan_control_data structure, might be called before the hwmon device is registered. That will cause an "Unable to handle kernel NULL pointer dereference" error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (axi-fan-control) Se corrigió la posible desreferencia del puntero NULL. Se podría llam... • https://git.kernel.org/stable/c/8412b410fa5e1e494a0fec84c3c462d49870d3f5 •
CVE-2023-52861 – drm: bridge: it66121: Fix invalid connector dereference
https://notcve.org/view.php?id=CVE-2023-52861
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: bridge: it66121: Fix invalid connector dereference Fix the NULL pointer dereference when no monitor is connected, and the sound card is opened from userspace. Instead return an empty buffer (of zeroes) as the EDID information to the sound framework if there is no connector attached. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: bridge: it66121: Corrige la desreferencia del conector no válido. Corrige la desref... • https://git.kernel.org/stable/c/e0fd83dbe92426e4f09b01111d260d2a7dc72fdb • CWE-476: NULL Pointer Dereference •
CVE-2023-52860 – drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process
https://notcve.org/view.php?id=CVE-2023-52860
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregistered, leading to fireworks when we try to execute empty function callbacks within the driver: | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-... • https://git.kernel.org/stable/c/66637ab137b44914356a9dc7a9b3f8ebcf0b0695 •
CVE-2023-52859 – perf: hisi: Fix use-after-free when register pmu fails
https://notcve.org/view.php?id=CVE-2023-52859
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhp_state_remove_instance() to call uncore pmu offline callback, which migrate the pmu context. Since that's liable to lead to some kind of use-after-free. Use cpuhp_state_remove_instance_nocalls() instead of cpuhp_state_remove_instance() so that the notifiers don't execute aft... • https://git.kernel.org/stable/c/3bf30882c3c7b6e376d9d6d04082c9aa2d2ac30a • CWE-416: Use After Free •
CVE-2023-52858 – clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52858
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt7629: Agregar verificación para mtk_alloc_clk_data. Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. In the Linux kernel, t... • https://git.kernel.org/stable/c/3b5e748615e714711220b2a95d19bd25a037db09 • CWE-476: NULL Pointer Dereference •
CVE-2023-52857 – drm/mediatek: Fix coverity issue with unintentional integer overflow
https://notcve.org/view.php?id=CVE-2023-52857
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix coverity issue with unintentional integer overflow 1. Instead of multiplying 2 variable of different types. Change to assign a value of one variable and then multiply the other variable. 2. Add a int variable for multiplier calculation instead of calculating different types multiplier with dma_addr_t variable directly. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/mediatek: soluciona el problema de co... • https://git.kernel.org/stable/c/1a64a7aff8da352c9419de3d5c34343682916411 •
CVE-2023-52856 – drm/bridge: lt8912b: Fix crash on bridge detach
https://notcve.org/view.php?id=CVE-2023-52856
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: lt8912b: Fix crash on bridge detach The lt8912b driver, in its bridge detach function, calls drm_connector_unregister() and drm_connector_cleanup(). drm_connector_unregister() should be called only for connectors explicitly registered with drm_connector_register(), which is not the case in lt8912b. The driver's drm_connector_funcs.destroy hook is set to drm_connector_cleanup(). Thus the driver should not call either drm_connecto... • https://git.kernel.org/stable/c/30e2ae943c260036ea494b601343f6ed5ce7bc60 •