CVSS: 5.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52834 – atl1c: Work around the DMA RX overflow issue
https://notcve.org/view.php?id=CVE-2023-52834
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 ("net: alx: Work around the DMA RX overflow issue"). The alx and atl1c drivers had RX overflow error which was why a custom allocator was created to avoid certain addresses. The simpler workaround then created for alx driver, but not for atl1c due to lack of tester. Instead of using a custom allocator, check the allocated skb address and use skb_res... • https://git.kernel.org/stable/c/c29a89b23f67ee592f4dee61f9d7efbf86d60315 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52833 – Bluetooth: btusb: Add date->evt_skb is NULL check
https://notcve.org/view.php?id=CVE-2023-52833
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date->evt_skb is NULL check fix crash because of null pointers [ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8 [ 6104.969667] #PF: supervisor read access in kernel mode [ 6104.969668] #PF: error_code(0x0000) - not-present page [ 6104.969670] PGD 0 P4D 0 [ 6104.969673] Oops: 0000 [#1] SMP NOPTI [ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb] [ 6104.969688] RSP: 0018:fff... • https://git.kernel.org/stable/c/9f8e4d1a4ca1179aaeb43f91f3e2a386e7e616b3 • CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52832 – wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
https://notcve.org/view.php?id=CVE-2023-52832
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/... • https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f • CWE-190: Integer Overflow or Wraparound CWE-920: Improper Restriction of Power Consumption •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52831 – cpu/hotplug: Don't offline the last non-isolated CPU
https://notcve.org/view.php?id=CVE-2023-52831
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, then an attempt to offline the last housekeeping CPU will result in a WARN_ON() when rebuilding the scheduler domains and a subsequent panic due to and unhandled empty CPU mas in partition_sched_domains_locked(). cpuset_hotplug_workfn() rebuild_sched_domains_locked() ndoms = generate_sched_domains(&doms, &attr); cpu... • https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52828 – bpf: Detect IP == ksym.end as part of BPF program
https://notcve.org/view.php?id=CVE-2023-52828
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one, any instruction following a bpf_throw call will never be marked as seen. Moreover, if a callchain ends up throwing, any instructions after the call instruction to the eventually throwing subprog in callers will a... • https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52826 – drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference
https://notcve.org/view.php?id=CVE-2023-52826
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference In tpg110_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel/panel-tpo-tpg110: corrige una posible desreferencia del puntero null. En tpg110_get_modes(), el valor de r... • https://git.kernel.org/stable/c/9acc2bc00135e9ecd13a70ce1140e2673e504cdc •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52825 – drm/amdkfd: Fix a race condition of vram buffer unref in svm code
https://notcve.org/view.php?id=CVE-2023-52825
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange->svm_bo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svm_bo unref operation to avoid random "use-after-free". En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: se corrige una condición de ejecución de vram buffer unref en el código svm prange->svm_bo unref ... • https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52821 – drm/panel: fix a possible null pointer dereference
https://notcve.org/view.php?id=CVE-2023-52821
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panel: corrige una posible desreferencia del puntero null. En versatile_panel_get_modes(), el valor de retorno de drm_mo... • https://git.kernel.org/stable/c/c7dc0aca5962fb37dbea9769dd26ec37813faae1 • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52819 – drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
https://notcve.org/view.php?id=CVE-2023-52819
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd: corrige el índice de matriz UBSAN fuera de límites para Polaris y Tonga. Para estructuras pptable que usan tamaños de matriz flexibles, use matrices flexibles. • https://git.kernel.org/stable/c/60a00dfc7c5deafd1dd393beaf53224f7256dad6 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52818 – drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
https://notcve.org/view.php?id=CVE-2023-52818
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd: corrige el índice de matriz UBSAN fuera de límites para SMU7. Para estructuras pptable que usan tamaños de matriz flexibles, use matrices flexibles. Several security issues were discovered in the Linux kernel. An attacker could possibly use thes... • https://git.kernel.org/stable/c/e52e324a21341c97350d5f11de14721c1c609498 •