CVE-2024-46712 – drm/vmwgfx: Disable coherent dumb buffers without 3d
https://notcve.org/view.php?id=CVE-2024-46712
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra work they're doing to synchronize between guest and host useless. Configurations without 3d also tend to run with very low graphics memory limits. The pinned console fb, mob cursors and graphical login manager tend to run out of 16MB graphics memory that those guests use. Fix it by making sure the coherent dumb buffers are only used on configs with 3d enabled. • https://git.kernel.org/stable/c/af6441e6f3d41e95bfc5bfc11960c259bb4f0f11 https://git.kernel.org/stable/c/c45558414b8f2e0b9dc34eb8f9d4e8359b887681 https://git.kernel.org/stable/c/e9fd436bb8fb9b9d31fdf07bbcdba6d30290c5e4 •
CVE-2024-46711 – mptcp: pm: fix ID 0 endp usage after multiple re-creations
https://notcve.org/view.php?id=CVE-2024-46711
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresses not related to the initial subflow (ID0), because the source and destination addresses of the initial subflows are known from the beginning: they don't count as "additional local address being used" or "ADD_ADDR being accepted". It is then required not to increment them when the entrypoint used by the initial subflow is removed and re-added during a connection. Without this modification, this entrypoint cannot be removed and re-added more than once. Ubuntu Security Notice 7155-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/3ad14f54bd7448384458e69f0183843f683ecce8 https://git.kernel.org/stable/c/c9c744666f7308a4daba520191e29d395260bcfe https://git.kernel.org/stable/c/53e2173172d26c0617b29dd83618b71664bed1fb https://git.kernel.org/stable/c/119806ae4e46cf239db8e6ad92bc2fd3daae86dc https://git.kernel.org/stable/c/9366922adc6a71378ca01f898c41be295309f044 •
CVE-2024-46710 – drm/vmwgfx: Prevent unmapping active read buffers
https://notcve.org/view.php?id=CVE-2024-46710
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Prevent unmapping active read buffers The kms paths keep a persistent map active to read and compare the cursor buffer. These maps can race with each other in simple scenario where: a) buffer "a" mapped for update b) buffer "a" mapped for compare c) do the compare d) unmap "a" for compare e) update the cursor f) unmap "a" for update At step "e" the buffer has been unmapped and the read contents is bogus. Prevent unmapping of active read buffers by simply keeping a count of how many paths have currently active maps and unmap only when the count reaches 0. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. • https://git.kernel.org/stable/c/485d98d472d53f9617ffdfba5e677ac29ad4fe20 https://git.kernel.org/stable/c/58a3714db4d9dcaeb9fc4905141e17b9f536c0a5 https://git.kernel.org/stable/c/0851b1ec650adadcaa23ec96daad95a55bf966f0 https://git.kernel.org/stable/c/d5228d158e4c0b1663b3983044913c15c3d0135e https://git.kernel.org/stable/c/aba07b9a0587f50e5d3346eaa19019cf3f86c0ea •
CVE-2024-46709 – drm/vmwgfx: Fix prime with external buffers
https://notcve.org/view.php?id=CVE-2024-46709
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix prime with external buffers Make sure that for external buffers mapping goes through the dma_buf interface instead of trying to access pages directly. External buffers might not provide direct access to readable/writable pages so to make sure the bo's created from external dma_bufs can be read dma_buf interface has to be used. Fixes crashes in IGT's kms_prime with vgem. Regular desktop usage won't trigger this due to the fact that virtual machines will not have multiple GPUs but it enables better test coverage in IGT. Ubuntu Security Notice 7154-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/65674218b43f2dd54587ab2b06560e17c30d8b41 https://git.kernel.org/stable/c/b32233accefff1338806f064fb9b62cf5bc0609f https://git.kernel.org/stable/c/2cdb71c975a10b8774fcd199f16f9ea88948de50 https://git.kernel.org/stable/c/9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4 https://git.kernel.org/stable/c/5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854 https://git.kernel.org/stable/c/50f1199250912568606b3778dc56646c10cb7b04 •
CVE-2024-46708 – pinctrl: qcom: x1e80100: Fix special pin offsets
https://notcve.org/view.php?id=CVE-2024-46708
In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneus 0x100000 offset to prevent the boards from crashing on pin state setting, as well as for the intended state changes to take effect. Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/05e4941d97ef05ddaa742a57301daab8a2f7db5b https://git.kernel.org/stable/c/0197bf772f657fbdea5e9bdec5eea6e67d82cbde https://git.kernel.org/stable/c/d3692d95cc4d88114b070ee63cffc976f00f207f •