CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52788 – i915/perf: Fix NULL deref bugs with drm_dbg() calls
https://notcve.org/view.php?id=CVE-2023-52788
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL dereferences. As returning -ENOTSUPP is pretty clear return when perf interface is not available. [tursulin: added stable tag] (cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i915/perf: corrige errores de desreferencia NULL con... • https://git.kernel.org/stable/c/9b344cf6aea0a69c00e19efdc6e02c6d5aae1a23 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52787 – blk-mq: make sure active queue usage is held for bio_integrity_prep()
https://notcve.org/view.php?id=CVE-2023-52787
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Another constraint is that bio_integrity_prep() needs to be called before bio merge. Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - c... • https://git.kernel.org/stable/c/900e080752025f0016128f07c9ed4c50eba3654b •
CVSS: 3.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52786 – ext4: fix racy may inline data check in dio write
https://notcve.org/view.php?id=CVE-2023-52786
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: if (WARN_ON_ONCE(ext4_has_inline_data(inode))) return -ERANGE; This occurs during a dio write, which is never expected to encounter an inode with inline data. To enforce this behavior, ext4_dio_write_iter() checks the current inline state of the inode and clears the MAY_INLINE_DATA s... • https://git.kernel.org/stable/c/310ee0902b8d9d0a13a5a13e94688a5863fa29c2 •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52785 – scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
https://notcve.org/view.php?id=CVE-2023-52785
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the ISR. Error log: ufshcd_abort: Device abort task at tag 18 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000108 pc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44 lr : [0xffffffe27f1b898c] ufshcd_... • https://git.kernel.org/stable/c/f1304d4420777f82a1d844c606db3d9eca841765 •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52784 – bonding: stop the device in bond_setup_by_slave()
https://notcve.org/view.php?id=CVE-2023-52784
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until today. In the following splat [1], the issue is that a lapbether device has been created on a bonding device without members. Then adding a non ARPHRD_ETHER member forced the bonding master to change its type. The fix is to make sure we call dev_close() in bond_setup_b... • https://git.kernel.org/stable/c/872254dd6b1f80cb95ee9e2e22980888533fc293 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52783 – net: wangxun: fix kernel panic due to null pointer
https://notcve.org/view.php?id=CVE-2023-52783
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wx_sw_init() returns before the memory of 'wx->mac_table' is allocated. The null pointer will causes the kernel panic. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: wangxun: corrige el pánico del kernel debido a un puntero null. Cuando el dispositivo utiliza un ID de proveedor de subsistema personaliza... • https://git.kernel.org/stable/c/79625f45ca73ef37c18a6e4b5b6ce7daa1e92683 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52782 – net/mlx5e: Track xmit submission to PTP WQ after populating metadata map
https://notcve.org/view.php?id=CVE-2023-52782
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. If the metadata index is put in the tracking list before putting the skb in the map, the metadata index might be used for detecting undelivered CQEs before the relevant skb is available in the map, which can lead to a null-ptr-deref. Log: general p... • https://git.kernel.org/stable/c/3178308ad4ca38955cad684d235153d4939f1fcd •
CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0CVE-2023-52781 – usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
https://notcve.org/view.php?id=CVE-2023-52781
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descriptor for accessing a family of related descriptors. Function 'usb_get_bos_descriptor()' encounters an iteration issue when skipping the 'USB_DT_DEVICE_CAPABILITY' descriptor type. This results in the same descriptor being read repeatedly. To address this issue, a 'goto' statement is introduced to ensure that the ... • https://git.kernel.org/stable/c/3dd550a2d36596a1b0ee7955da3b611c031d3873 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52780 – net: mvneta: fix calls to page_pool_get_stats
https://notcve.org/view.php?id=CVE-2023-52780
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not allocated when the port is stopped. It can also be not allocated in case of errors. The current implementation leads to the following crash calling ethstats on a port that is down or when calling it at the wrong moment: bl... • https://git.kernel.org/stable/c/b3fc79225f055af7ef48b47a90752c31cc062e6e •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52779 – fs: Pass AT_GETATTR_NOSEC flag to getattr interface function
https://notcve.org/view.php?id=CVE-2023-52779
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs: Pass AT_GETATTR_NOSEC flag to getattr interface function When vfs_getattr_nosec() calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfs_getattr_nosec() can again be called from the filesystem's gettattr rather than vfs_getattr(). The latter would add unnecessary security checks that the initial vfs_getattr_nosec() call wanted to avoid. Therefore, introduce the getattr flag GETAT... • https://git.kernel.org/stable/c/db1d1e8b9867aae5c3e61ad7859abfcc4a6fd6c7 •