CVE-2024-42264 – drm/v3d: Prevent out of bounds access in performance query extensions
https://notcve.org/view.php?id=CVE-2024-42264
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into. (cherry picked from commit f32b5128d2c440368b5bf3a7a356823e235caabb) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722 https://git.kernel.org/stable/c/6ce9efd12ae81cf46bf44eb0348594558dfbb9d2 •
CVE-2024-42263 – drm/v3d: Fix potential memory leak in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f https://git.kernel.org/stable/c/9b5033ee2c5af6d1135a403df32d219ab57e55f9 https://git.kernel.org/stable/c/0e50fcc20bd87584840266e8004f9064a8985b4f •
CVE-2024-42262 – drm/v3d: Fix potential memory leak in the performance extension
https://notcve.org/view.php?id=CVE-2024-42262
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21 https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78 •
CVE-2024-42261 – drm/v3d: Validate passed in drm syncobj handles in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42261
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f https://git.kernel.org/stable/c/5c56f104edd02a537e9327dc543574e55713e1d7 https://git.kernel.org/stable/c/023d22e8bb0cdd6900382ad1ed06df3b6c2ea791 •
CVE-2024-42260 – drm/v3d: Validate passed in drm syncobj handles in the performance extension
https://notcve.org/view.php?id=CVE-2024-42260
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit a546b7e4d73c23838d7e4d2c92882b3ca902d213) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 https://git.kernel.org/stable/c/5d4aa25f47cd05e9eeac272906588728588605dd https://git.kernel.org/stable/c/4ecc24a84d7e0254efd150ec23e0b89638386516 •