CVE-2024-46723 – drm/amdgpu: fix ucode out-of-bounds read warning
https://notcve.org/view.php?id=CVE-2024-46723
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning Clear warning that read ucode[] may out-of-bounds. Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/82ac8f1d02886b5d8aeb9e058989d3bd6fc581e2 https://git.kernel.org/stable/c/e789e05388854a5436b2b5d8695fdb864c9bcc27 https://git.kernel.org/stable/c/5f09fa5e0ad45fbca71933a0e024ca52da47d59b https://git.kernel.org/stable/c/0bef65e069d84d1cd77ce757aea0e437b8e2bd33 https://git.kernel.org/stable/c/8981927ebc6c12fa76b30c4178acb462bab15f54 https://git.kernel.org/stable/c/f2b7a9f3839e92f43559b2795b34640ca8cf839f https://git.kernel.org/stable/c/23fefef859c6057e6770584242bdd938254f8ddd https://git.kernel.org/stable/c/8944acd0f9db33e17f387fdc75d33bb47 •
CVE-2024-46722 – drm/amdgpu: fix mc_data out-of-bounds read warning
https://notcve.org/view.php?id=CVE-2024-46722
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that read mc_data[i-1] may out-of-bounds. Ubuntu Security Notice 7154-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/5fa4df25ecfc7b6c9006f5b871c46cfe25ea8826 https://git.kernel.org/stable/c/2097edede72ec5bb3869cf0205337d392fb2a553 https://git.kernel.org/stable/c/310b9d8363b88e818afec97ca7652bd7fe3d0650 https://git.kernel.org/stable/c/345bd3ad387f9e121aaad9c95957b80895e2f2ec https://git.kernel.org/stable/c/b862a0bc5356197ed159fed7b1c647e77bc9f653 https://git.kernel.org/stable/c/d0a43bf367ed640e527e8ef3d53aac1e71f80114 https://git.kernel.org/stable/c/578ae965e8b90cd09edeb0252b50fa0503ea35c5 https://git.kernel.org/stable/c/51dfc0a4d609fe700750a62f41447f01b •
CVE-2024-46721 – apparmor: fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2024-46721
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile->parent->dents[AAFS_PROF_DIR] could be NULL only if its parent is made from __create_missing_ancestors(..) and 'ent->old' is NULL in aa_replace_profiles(..). In that case, it must return an error code and the code, -ENOENT represents its state that the path of its parent is not existed yet. BUG: kernel NULL pointer dereference, address: 0000000000000030 PGD 0 P4D 0 PREEMPT SMP PTI CPU: 4 PID: 3362 Comm: apparmor_parser Not tainted 6.8.0-24-generic #24 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:aafs_create.constprop.0+0x7f/0x130 Code: 4c 63 e0 48 83 c4 18 4c 89 e0 5b 41 5c 41 5d 41 5e 41 5f 5d 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 c3 cc cc cc cc <4d> 8b 55 30 4d 8d ba a0 00 00 00 4c 89 55 c0 4c 89 ff e8 7a 6a ae RSP: 0018:ffffc9000b2c7c98 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 00000000000041ed RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc9000b2c7cd8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82baac10 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 00007be9f22cf740(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000030 CR3: 0000000134b08000 CR4: 00000000000006f0 Call Trace: <TASK> ? show_regs+0x6d/0x80 ? __die+0x24/0x80 ? page_fault_oops+0x99/0x1b0 ? kernelmode_fixup_or_oops+0xb2/0x140 ? • https://git.kernel.org/stable/c/8d9da10a392a32368392f7a16775e1f36e2a5346 https://git.kernel.org/stable/c/730ee2686af0d55372e97a2695005ff142702363 https://git.kernel.org/stable/c/52338a3aa772762b8392ce7cac106c1099aeab85 https://git.kernel.org/stable/c/e3c7d23f7a5c0b11ba0093cea32261ab8098b94e https://git.kernel.org/stable/c/09b2d107fe63e55b6ae643f9f26bf8eb14a261d9 https://git.kernel.org/stable/c/59f742e55a469ef36c5c1533b6095a103b61eda8 https://git.kernel.org/stable/c/c49bbe69ee152bd9c1c1f314c0f582e76c578f64 https://git.kernel.org/stable/c/3dd384108d53834002be5630132ad5c3f •
CVE-2024-46720 – drm/amdgpu: fix dereference after null check
https://notcve.org/view.php?id=CVE-2024-46720
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix dereference after null check check the pointer hive before use. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/1b73ea3d97cc23f9b16d10021782b48397d2b517 https://git.kernel.org/stable/c/0aad97bf6d0bc7a34a19f266b0b9fb2861efe64c https://git.kernel.org/stable/c/00b9594d6310eb33e14d3f07b54866499efe0d50 https://git.kernel.org/stable/c/b1f7810b05d1950350ac2e06992982974343e441 •
CVE-2024-46719 – usb: typec: ucsi: Fix null pointer dereference in trace
https://notcve.org/view.php?id=CVE-2024-46719
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, ucsi_register_displayport returns NULL which causes a NULL pointer dereference in trace. Rather than return NULL, call typec_port_register_altmode to register DisplayPort alternate mode as a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled. Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/8095bf0579ed4906a33f7bec675bfb29b6b16a3b https://git.kernel.org/stable/c/7e64cabe81c303bdf6fd26b6a09a3289b33bc870 https://git.kernel.org/stable/c/3aa56313b0de06ce1911950b2cc0c269614a87a9 https://git.kernel.org/stable/c/b4243c05d7e3db0bdbf9124e6fa59b4ca7c807ae https://git.kernel.org/stable/c/3b9f2d9301ae67070fe77a0c06758722fd7172b7 https://git.kernel.org/stable/c/99331fe68a8eaa4097143a33fb0c12d5e5e8e830 https://git.kernel.org/stable/c/99516f76db48e1a9d54cdfed63c1babcee4e71a5 •