CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52863 – hwmon: (axi-fan-control) Fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-52863
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (axi-fan-control) Fix possible NULL pointer dereference axi_fan_control_irq_handler(), dependent on the private axi_fan_control_data structure, might be called before the hwmon device is registered. That will cause an "Unable to handle kernel NULL pointer dereference" error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (axi-fan-control) Se corrigió la posible desreferencia del puntero NULL. Se podría llam... • https://git.kernel.org/stable/c/8412b410fa5e1e494a0fec84c3c462d49870d3f5 •
CVSS: 4.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52862 – drm/amd/display: Fix null pointer dereference in error message
https://notcve.org/view.php?id=CVE-2023-52862
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. The original message includes the DC version number, which is undefined if the DC is not initialized. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrige la desreferencia del puntero null en el mensaje de error. Est... • https://git.kernel.org/stable/c/9788d087caffd8358d6e14349ee69d9385666719 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52861 – drm: bridge: it66121: Fix invalid connector dereference
https://notcve.org/view.php?id=CVE-2023-52861
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: bridge: it66121: Fix invalid connector dereference Fix the NULL pointer dereference when no monitor is connected, and the sound card is opened from userspace. Instead return an empty buffer (of zeroes) as the EDID information to the sound framework if there is no connector attached. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: bridge: it66121: Corrige la desreferencia del conector no válido. Corrige la desref... • https://git.kernel.org/stable/c/e0fd83dbe92426e4f09b01111d260d2a7dc72fdb • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52860 – drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process
https://notcve.org/view.php?id=CVE-2023-52860
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregistered, leading to fireworks when we try to execute empty function callbacks within the driver: | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-... • https://git.kernel.org/stable/c/66637ab137b44914356a9dc7a9b3f8ebcf0b0695 •
CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52859 – perf: hisi: Fix use-after-free when register pmu fails
https://notcve.org/view.php?id=CVE-2023-52859
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhp_state_remove_instance() to call uncore pmu offline callback, which migrate the pmu context. Since that's liable to lead to some kind of use-after-free. Use cpuhp_state_remove_instance_nocalls() instead of cpuhp_state_remove_instance() so that the notifiers don't execute aft... • https://git.kernel.org/stable/c/3bf30882c3c7b6e376d9d6d04082c9aa2d2ac30a • CWE-416: Use After Free •
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52858 – clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52858
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt7629: Agregar verificación para mtk_alloc_clk_data. Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. In the Linux kernel, t... • https://git.kernel.org/stable/c/3b5e748615e714711220b2a95d19bd25a037db09 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52857 – drm/mediatek: Fix coverity issue with unintentional integer overflow
https://notcve.org/view.php?id=CVE-2023-52857
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix coverity issue with unintentional integer overflow 1. Instead of multiplying 2 variable of different types. Change to assign a value of one variable and then multiply the other variable. 2. Add a int variable for multiplier calculation instead of calculating different types multiplier with dma_addr_t variable directly. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/mediatek: soluciona el problema de co... • https://git.kernel.org/stable/c/1a64a7aff8da352c9419de3d5c34343682916411 •
CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52856 – drm/bridge: lt8912b: Fix crash on bridge detach
https://notcve.org/view.php?id=CVE-2023-52856
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/bridge: lt8912b: Fix crash on bridge detach The lt8912b driver, in its bridge detach function, calls drm_connector_unregister() and drm_connector_cleanup(). drm_connector_unregister() should be called only for connectors explicitly registered with drm_connector_register(), which is not the case in lt8912b. The driver's drm_connector_funcs.destroy hook is set to drm_connector_cleanup(). Thus the driver should not call either drm_connecto... • https://git.kernel.org/stable/c/30e2ae943c260036ea494b601343f6ed5ce7bc60 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52855 – usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency
https://notcve.org/view.php?id=CVE-2023-52855
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue(): spin_lock_irqsave(&hsotg->lock, flags); ... if (!urb->hcpriv) { dev_dbg(hsotg->dev, "## urb->hcpriv is NULL ##\n"); goto out; } rc = dwc2_hcd_urb_dequeue(hsotg, urb->hcpriv); // Use urb->hcpriv ... out: spin_unlock_irqrestore(&hsotg->loc... • https://git.kernel.org/stable/c/33ad261aa62be02f0cedeb4d5735cc726de84a3f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-52854 – padata: Fix refcnt handling in padata_free_shell()
https://notcve.org/view.php?id=CVE-2023-52854
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. Due to the lengthy analysis of the pcrypt_aead01 function call, I'll describe the problem scenario using a simplified model: Suppose there's a user of padata named `user_function` that adheres to the padata requirement of calling `padata_free_shell` after `serial()` has been invok... • https://git.kernel.org/stable/c/07928d9bfc81640bab36f5190e8725894d93b659 •