CVE-2023-52878 – can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds
https://notcve.org/view.php?id=CVE-2023-52878
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: dev: can_put_echo_skb(): no bloquee el kernel si se accede a can_priv::echo_skb fuera de los límites. Si se accede a "struct can_priv::echoo_skb" fuera de los límites, esto provocaría un fallo del kernel. En su lugar, emita un mensaje de advertencia significativo y regrese con un error. • https://git.kernel.org/stable/c/a6e4bc5304033e434fabccabb230b8e9ff55d76f https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444 https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4 https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057 https://access.redhat.com/security/cve/CVE-2023-52878 https://bugzilla.redhat.com/show_bug.cgi?id=2282680 • CWE-125: Out-of-bounds Read •
CVE-2023-52875 – clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52875
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt2701: Agregar verificación para mtk_alloc_clk_data. Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. • https://git.kernel.org/stable/c/e9862118272aa528e35e54ef9f1e35c217870fd7 https://git.kernel.org/stable/c/6fccee2af400edaed9cf349d506c5971d4762739 https://git.kernel.org/stable/c/1953e62366da5460dc712e045f94fb0d8918999d https://git.kernel.org/stable/c/d1461f0c9ca0827c03730fe9652ebbf6316a2a95 https://git.kernel.org/stable/c/001e5def774fa1a8f2b29567c0b0cd3e3a859a96 https://git.kernel.org/stable/c/d1175cf4bd2b4c5f7c43f677ea1ce9ad2c18d055 https://git.kernel.org/stable/c/2a18dd653284550900b02107c3c7b3ac5e0eb802 https://git.kernel.org/stable/c/e61934720af4a58ffd43a63ffdd6f3a0b •
CVE-2023-52868 – thermal: core: prevent potential string overflow
https://notcve.org/view.php?id=CVE-2023-52868
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev->id value comes from ida_alloc() so it's a number between zero and INT_MAX. If it's too high then these sprintf()s will overflow. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: térmica: núcleo: evita un posible desbordamiento de cadenas. El valor dev->id proviene de ida_alloc(), por lo que es un número entre cero e INT_MAX. Si es demasiado alto, estos sprintf()s se desbordarán. • https://git.kernel.org/stable/c/203d3d4aa482339b4816f131f713e1b8ee37f6dd https://git.kernel.org/stable/c/b55f0a9f865be75ca1019aad331f3225f7b50ce8 https://git.kernel.org/stable/c/6ad1bf47fbe5750c4d5d8e41337665e193e2c521 https://git.kernel.org/stable/c/3091ab943dfc7b2578599b0fe203350286fab5bb https://git.kernel.org/stable/c/3f795fb35c2d8a637efe76b4518216c9319b998c https://git.kernel.org/stable/c/3a8f4e58e1ee707b4f46a1000b40b86ea3dd509c https://git.kernel.org/stable/c/77ff34a56b695e228e6daf30ee30be747973d6e8 https://git.kernel.org/stable/c/0f6b3be28c4d62ef6498133959c722666 •
CVE-2023-52867 – drm/radeon: possible buffer overflow
https://notcve.org/view.php?id=CVE-2023-52867
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/radeon: posible desbordamiento del búfer. El búfer 'afmt_status' de tamaño 6 podría desbordarse, ya que el índice 'afmt_idx' se comprueba después del acceso. • https://git.kernel.org/stable/c/5cc4e5fc293bfe2634535f544427e8c6061492a5 https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783 https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783 https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896 https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94 https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58 https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-52865 – clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52865
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt6797: Agregar verificación para mtk_alloc_clk_data Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. • https://git.kernel.org/stable/c/96596aa06628e86ea0e1c08c34b0ccc7619e43ac https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92 https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836 https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3 https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4 https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa7157 •