CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48718 – drm: mxsfb: Fix NULL pointer dereference
https://notcve.org/view.php?id=CVE-2022-48718
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format instead. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm: mxsfb: corrige la desreferencia del puntero NULL. mxsfb nunca debería desreferenciar el puntero NULL que drm_atomic_get_new_bridge_state puede devolver. En su lugar, asuma un formato fijo. In ... • https://git.kernel.org/stable/c/b776b0f00f246d093c595bac4453c6e51541d5c5 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-48717 – ASoC: max9759: fix underflow in speaker_gain_control_put()
https://notcve.org/view.php?id=CVE-2022-48717
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_elem_write_user() -> snd_ctl_elem_write() -> kctl->put() En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: max9759: corrige el desbordamiento en altavoz_gain_control_put() Compruebe si hay valores negativos de "priv-&... • https://git.kernel.org/stable/c/fa8d915172b8c10ec0734c4021e99e9705023b07 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48716 – ASoC: codecs: wcd938x: fix incorrect used of portid
https://notcve.org/view.php?id=CVE-2022-48716
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chan_info array. So fix this. Without this, its possible that we could corrupt struct wcd938x_sdw_priv by accessing port_map array out of range with channel id instead of port id. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ASoC: códecs: wcd938x: corrige el uso... • https://git.kernel.org/stable/c/e8ba1e05bdc016700c85fad559a812c2e795442f • CWE-400: Uncontrolled Resource Consumption •
CVSS: 3.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48715 – scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
https://notcve.org/view.php?id=CVE-2022-48715
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver with the hardware enabled. [ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_ [ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699174] CPU: 2 PID: 4355 Comm:... • https://git.kernel.org/stable/c/d576a5e80cd07ea7049f8fd7b303c14df7b5d7d2 •
CVSS: 2.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48714 – bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
https://notcve.org/view.php?id=CVE-2022-48714
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible in __get_vm_area_node() when KASAN is enabled. But now the flag for ringbuf area is VM_ALLOC, so KASAN will complain out-of-bound access after vmap() returns. Because the ringbuf area is created by mapping allocated pages, so use VM_MAP instead. After the chan... • https://git.kernel.org/stable/c/457f44363a8894135c85b7a9afd2bd8196db24ab •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48713 – perf/x86/intel/pt: Fix crash with stop filters in single-range mode
https://notcve.org/view.php?id=CVE-2022-48713
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel crash. Fixes a bug introduced by commit 670638477aed ("perf/x86/intel/pt: Opportunistically use single range output mode"), which added a support for PT single-range output mode. Since that commit if a PT stop filter range is hit while tracing, the kernel wi... • https://git.kernel.org/stable/c/670638477aede0d7a355ced04b569214aa3feacd •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-48712 – ext4: fix error handling in ext4_fc_record_modified_inode()
https://notcve.org/view.php?id=CVE-2022-48712
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug. This patch fixes that. Also it cleans up some duplicated error handling logic from various functions in fast_commit.c file. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: corrige el manejo de errores en ext4_fc_record_modified_inode()... • https://git.kernel.org/stable/c/62e46e0ffc02daa8fcfc02f7a932cc8a19601b19 •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48711 – tipc: improve size validations for received domain records
https://notcve.org/view.php?id=CVE-2022-48711
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of the network topology. This patch verifies that the number of members in a received domain record does not exceed the limit defined by MAX_MON_DOMAIN, something that may otherwise lead to a stack overflow. tipc_mon_rcv() is called from the function tipc_link_... • https://git.kernel.org/stable/c/35c55c9877f8de0ab129fa1a309271d0ecc868b9 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47620 – Bluetooth: refactor malicious adv data check
https://notcve.org/view.php?id=CVE-2021-47620
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop processing so that it doesn't get checked after ptr has been advanced. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: refactorización de verificación de datos publicitarios maliciosos. Se estaba realizando u... • https://git.kernel.org/stable/c/305e92f525450f3e1b5f5c9dc7eadb152d66a082 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47619 – i40e: Fix queues reservation for XDP
https://notcve.org/view.php?id=CVE-2021-47619
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUs and X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12 i40e 0000:87:00.0: setup of MAIN VSI failed BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: 0010:i40e_xdp+0xea/0x1b0 [i40e] Call Trace: ? i40e_reconfig_rss_queues+0x130/0x130 [i40e] ... • https://git.kernel.org/stable/c/41c445ff0f482bb6e6b72dcee9e598e20575f743 •