Page 245 of 3289 results (0.008 seconds)

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai component and rework codec link") removed the codec entry for the ETDM1_OUT_BE dai link entirely instead of replacing it with COMP_EMPTY(). This worked by accident as the remaining COMP_EMPTY() platform entry became the codec entry, and the platform entry became completely empty, effectively the same as COMP_DUMMY() since snd_soc_fill_dummy_dai() doesn't do anything for platform entries. This causes a KASAN out-of-bounds warning in mtk_soundcard_common_probe() in sound/soc/mediatek/common/mtk-soundcard-driver.c: for_each_card_prelinks(card, i, dai_link) { if (adsp_node && !strncmp(dai_link->name, "AFE_SOF", strlen("AFE_SOF"))) dai_link->platforms->of_node = adsp_node; else if (!dai_link->platforms->name && !dai_link->platforms->of_node) dai_link->platforms->of_node = platform_node; } where the code expects the platforms array to have space for at least one entry. Add an COMP_EMPTY() entry so that dai_link->platforms has space. • https://git.kernel.org/stable/c/e70b8dd26711704b1ff1f1b4eb3d048ba69e29da https://git.kernel.org/stable/c/42b9ab7a4d7e6c5efd71847541e4fcc213585aad https://git.kernel.org/stable/c/282a4482e198e03781c152c88aac8aa382ef9a55 •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep The ilitek-ili9881c controls the reset GPIO using the non-sleeping gpiod_set_value() function. This complains loudly when the GPIO controller needs to sleep. As the caller can sleep, use gpiod_set_value_cansleep() to fix the issue. • https://git.kernel.org/stable/c/b71348be1236398be2d04c5e145fd6eaae86a91b https://git.kernel.org/stable/c/98686ec1824728ff41d7b358131f7d0227c2ba2a https://git.kernel.org/stable/c/cae52f61fda0f5d2949dc177f984c9e187d4c6a0 https://git.kernel.org/stable/c/489f38de3375ab84b3d269d0a1d64d6ee95d7044 https://git.kernel.org/stable/c/5f41401219fbe7663b3cf65ebd4ed95ebbb8ffb9 https://git.kernel.org/stable/c/1618f7a875ffd916596392fd29880c0429b8af60 https://git.kernel.org/stable/c/e646402bf82145349fcf5dcbe395afaf02a8ce47 https://git.kernel.org/stable/c/ee7860cd8b5763017f8dc785c2851fecb •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate() functions There are cases in the compensate functions of the driver that there could be overflows of variables due to bit shifting ops. These implications were initially discussed here [1] and they were mentioned in log message of Commit 1b3bd8592780 ("iio: chemical: Add support for Bosch BME680 sensor"). [1]: https://lore.kernel.org/linux-iio/20180728114028.3c1bbe81@archlinux/ • https://git.kernel.org/stable/c/1b3bd8592780c87c5eddabbe98666b086bbaee36 https://git.kernel.org/stable/c/6fa31bbe2ea8665ee970258eb8320cbf231dbe9e https://git.kernel.org/stable/c/b0af334616ed425024bf220adda0f004806b5feb https://git.kernel.org/stable/c/c326551e99f5416986074ce78bef94f6a404b517 https://git.kernel.org/stable/c/7a13d1357658d3a3c1cd7b3b9543c805a6e5e6e9 https://git.kernel.org/stable/c/ba1bb3e2a38a7fef1c1818dd4f2d9abbfdde553a https://git.kernel.org/stable/c/b5967393d50e3c6e632efda3ea3fdde14c1bfd0e https://git.kernel.org/stable/c/3add41bbda92938e9a528d74659dfc552 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock When config CONFIG_USB_DWC3_DUAL_ROLE is selected, and trigger system to enter suspend status with below command: echo mem > /sys/power/state There will be a deadlock issue occurring. Detailed invoking path as below: dwc3_suspend_common() spin_lock_irqsave(&dwc->lock, flags); <-- 1st dwc3_gadget_suspend(dwc); dwc3_gadget_soft_disconnect(dwc); spin_lock_irqsave(&dwc->lock, flags); <-- 2nd This issue is exposed by commit c7ebd8149ee5 ("usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend") that removes the code of checking whether dwc->gadget_driver is NULL or not. It causes the following code is executed and deadlock occurs when trying to get the spinlock. In fact, the root cause is the commit 5265397f9442("usb: dwc3: Remove DWC3 locking during gadget suspend/resume") that forgot to remove the lock of otg mode. So, remove the redundant lock of otg mode during gadget suspend/resume. • https://git.kernel.org/stable/c/2fa487a9466760a4fb6f147aed6219379dabfc2e https://git.kernel.org/stable/c/5265397f94424eaea596026fd34dc7acf474dcec https://git.kernel.org/stable/c/7026576e89094aa9a0062aa6d10cba18aa99944c https://git.kernel.org/stable/c/d77e2b5104c51d3668b9717c825a4a06998efe63 https://git.kernel.org/stable/c/17e2956633ca560b95f1cbbb297cfc2adf650649 https://git.kernel.org/stable/c/f1274cfab183e69a7c7bafffcb4f50703c876276 https://git.kernel.org/stable/c/7838de15bb700c2898a7d741db9b1f3cbc86c136 •

CVSS: 5.7EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate() syscall, using the 32-bit off_t misses a sign extension when called in compat mode on 64-bit architectures. As a result, passing a negative length accidentally succeeds in truncating to file size between 2GiB and 4GiB. Changing the type of the compat syscall to the signed compat_off_t changes the behavior so it instead returns -EINVAL. The native entry point, the truncate() syscall and the corresponding loff_t based variants are all correct already and do not suffer from this mistake. An unexpected file truncate flaw was found when opening files with specific parameters in the Linux kernel's file-system. This vulnerability allows a local user to corrupt specific files when having access to these files. • https://git.kernel.org/stable/c/3f6d078d4accfff8b114f968259a060bfdc7c682 https://git.kernel.org/stable/c/c329760749b5419769e57cb2be80955d2805f9c9 https://git.kernel.org/stable/c/f531d4bc6c5588d713359e42ed65e46816d841d8 https://git.kernel.org/stable/c/84bf6b64a1a0dfc6de7e1b1c776d58d608e7865a https://git.kernel.org/stable/c/dbb226d81cd02cee140139c2369791e6f61f2007 https://git.kernel.org/stable/c/5ae6af68410bdad6181ec82104bb9985a7a6a0fa https://git.kernel.org/stable/c/836359247b0403e0634bfbc83e5bb8063fad287a https://git.kernel.org/stable/c/930a4c369f74da26816eaaa71b5888d29 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •