CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-46771 – can: bcm: Remove proc entry when dev is unregistered.
https://notcve.org/view.php?id=CVE-2024-46771
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcm_connect() below. [0] The repro calls connect() to vxcan1, removes vxcan1, and calls connect() with ifindex == 0. Calling connect() for a BCM socket allocates a proc entry. Calling connect() for a BCM socket allocates a proc entry. Then, bcm_sk(sk)->bound is set to 1 to prevent further connect(). ... • https://git.kernel.org/stable/c/ffd980f976e7fd666c2e61bf8ab35107efd11828 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39462 – clk: bcm: dvp: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39462
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer about the number of elements in hws, so that it can warn when hws is accessed out of bounds. In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->... • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-39461 – clk: bcm: rpi: Assign ->num before accessing ->hws
https://notcve.org/view.php?id=CVE-2024-39461
25 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate struct clk_hw_onecell_data with __counted_by") annotated the hws member of 'struct clk_hw_onecell_data' with __counted_by, which informs the bounds sanitizer about the number of elements in hws, so that it can warn when hws is accessed out of bounds. In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign ->... • https://git.kernel.org/stable/c/f316cdff8d677db9ad9c90acb44c4cd535b0ee27 •
CVSS: 5.2EPSS: 0%CPEs: 9EXPL: 0CVE-2024-38579 – crypto: bcm - Fix pointer arithmetic
https://notcve.org/view.php?id=CVE-2024-38579
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. • https://git.kernel.org/stable/c/9d12ba86f818aa9cfe9f01b750336aa441f2ffa2 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26714 – interconnect: qcom: sc8180x: Mark CO0 BCM keepalive
https://notcve.org/view.php?id=CVE-2024-26714
03 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of the platform, accompanied by a spectacular logspam. In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all... • https://git.kernel.org/stable/c/9c8c6bac1ae86f6902baa938101902fb3a0a100b •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47151 – interconnect: qcom: bcm-voter: add a missing of_node_put()
https://notcve.org/view.php?id=CVE-2021-47151
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak. In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexión: qcom... • https://git.kernel.org/stable/c/976daac4a1c581e5d5fd64047519fd6fcde39738 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-3600 – kernel: eBPF 32-bit source register truncation on div/mod
https://notcve.org/view.php?id=CVE-2021-3600
23 Jun 2021 — Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 68EXPL: 1CVE-2021-3609 – kernel: race condition in net/can/bcm.c leads to local privilege escalation
https://notcve.org/view.php?id=CVE-2021-3609
23 Jun 2021 — .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. ... Se ha encontrado un fallo en el protocolo de red CAN BCM en el kernel de Linux, donde un atacante local puede abusar de un fallo en el subsistema CAN para corromper la memoria, bloquear el sistema o escalar privilegios. Esta condición de carrera en el archivo net/can/bcm.c en el kernel de Linux per... • https://bugzilla.redhat.com/show_bug.cgi?id=1971651 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-23134 – Linux kernel llcp_sock_bind/connect use-after-free
https://notcve.org/view.php?id=CVE-2021-23134
12 May 2021 — En configuraciones típicas, el problema solo puede ser desencadenado por un usuario local privilegiado con la capacidad CAP_NET_RAW Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 50EXPL: 1CVE-2020-24586 – kernel: Fragmentation cache not cleared on reconnection
https://notcve.org/view.php?id=CVE-2020-24586
11 May 2021 — Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. • http://www.openwall.com/lists/oss-security/2021/05/11/12 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •