CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52814 – drm/amdgpu: Fix potential null pointer derefernce
https://notcve.org/view.php?id=CVE-2023-52814
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpu_ras_get_context may return NULL if device not support ras feature, so add check before using. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amdgpu: soluciona una posible desreferencia del puntero null. Amdgpu_ras_get_context puede devolver NULL si el dispositivo no admite la función ras, así que agregue la verificación antes de usarlo. In the Linux kernel, ... • https://git.kernel.org/stable/c/b93a25de28af153312f0fc979b0663fc4bd3442b • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52813 – crypto: pcrypt - Fix hungtask for PADATA_RESET
https://notcve.org/view.php?id=CVE-2023-52813
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20... • https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 • CWE-833: Deadlock •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52812 – drm/amd: check num of link levels when update pcie param
https://notcve.org/view.php?id=CVE-2023-52812
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param In SR-IOV environment, the value of pcie_table->num_of_link_levels will be 0, and num_of_levels - 1 will cause array index out of bounds En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd: comprueba el número de niveles de enlace cuando se actualiza el parámetro pcie. En el entorno SR-IOV, el valor de pcie_table->num_of_link_levels será 0, y num_of_levels ... • https://git.kernel.org/stable/c/2f2d48b6247ae3001f83c98730b3cce475cb2927 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52811 – scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool
https://notcve.org/view.php?id=CVE-2023-52811
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON, and in the case that the kernel is not configured to crash on panic returns a junk event pointer from the empty event list causing things to spiral from there. This BUG_ON is a historical artifact of the ibmvfc d... • https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0 • CWE-476: NULL Pointer Dereference •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52810 – fs/jfs: Add check for negative db_l2nbperpage
https://notcve.org/view.php?id=CVE-2023-52810
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent. Syzbot reported this bug: UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative En el kernel de Linux, se resolvió la siguiente vulnerabilidad: fs/jf... • https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 • CWE-1335: Incorrect Bitwise Shift of Integer •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52809 – scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
https://notcve.org/view.php?id=CVE-2023-52809
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and would cause a NULL pointer dereference. Address this issue by checking return value of fc_rport_create() and log error message on fc_rport_create() failed. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: libfc: corrigió la posible desreferencia ... • https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52808 – scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs
https://notcve.org/view.php?id=CVE-2023-52808
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debugfs_dir is not set to NULL. debugfs_remove_recursive() will be called again during device removal. As a result, illegal pointer is accessed. [ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs! ... [ 1669.836708] Unab... • https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3 •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52807 – net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs
https://notcve.org/view.php?id=CVE-2023-52807
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3 driver define an array of string to show the coalesce info, but if the kernel adds a new mode or a new state, out-of-bounds access may occur when coalesce info is read via debugfs, this patch fix the problem. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: se puede corregir el acceso fuera de los límites cuando se le... • https://git.kernel.org/stable/c/c99fead7cb07979f5db38035ccb5f02ad2c7106a •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52806 – ALSA: hda: Fix possible null-ptr-deref when assigning a stream
https://notcve.org/view.php?id=CVE-2023-52806
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. As supplied substream instance may be a stub, what is the case when code-loading, such scenario ends with null-ptr-deref. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ALSA: hda: Corrige posible null-ptr-deref al asignar un fl... • https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52805 – jfs: fix array-index-out-of-bounds in diAlloc
https://notcve.org/view.php?id=CVE-2023-52805
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: jfs: corrige el índice de matriz fuera de los límites en diAlloc. Actualmente no se verifica el agno del iag al asignar nuevos inodos para evitar problemas de fragmentación. Se ... • https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9 •