CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52855 – usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency
https://notcve.org/view.php?id=CVE-2023-52855
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". ... The above possible bug is reported, when my tool analyzes the source code of Linux 6.5. The above possible bug is reported, when my tool analyzes the source code of Linux 6.5. ... En el kernel de Linux, se ha resuelto la siguiente vu... • https://git.kernel.org/stable/c/33ad261aa62be02f0cedeb4d5735cc726de84a3f • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-52854 – padata: Fix refcnt handling in padata_free_shell()
https://notcve.org/view.php?id=CVE-2023-52854
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. ... En el kernel de Linux, se... • https://git.kernel.org/stable/c/07928d9bfc81640bab36f5190e8725894d93b659 •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52853 – hid: cp2112: Fix duplicate workqueue initialization
https://notcve.org/view.php?id=CVE-2023-52853
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INIT_DELAYED_WORK within cp2112_gpio_irq_startup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an initial request. In the Linux kernel, the following vulnerability has been resolved: hid: cp2112: Fix duplicate workqueue initialization Previously the cp2112 driver called INIT_DELAYED_WORK within... • https://git.kernel.org/stable/c/13de9cca514ed63604263cad87ca8cb36e9b6489 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52852 – f2fs: compress: fix to avoid use-after-free on dic
https://notcve.org/view.php?id=CVE-2023-52852
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic Call trace: __memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_unbounded+0x1b8/0x590 do_sync_mmap_readahead+0x1dc/0x2e4 filemap_fault+0x254/0xa8c f2fs_filemap_fault+0x2c/0x104 __do_fault+0x7c/0x238 do_handle_mm_fault+0x11bc/0x2d14 do_mem_abort+0x3a8/0x1004 el0_da+0x3c/0xa0 el0t_64_sync_handler+0xc4/0xec el0t... • https://git.kernel.org/stable/c/6ce19aff0b8cd386860855185c6cd79337fc4d2b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52851 – IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF
https://notcve.org/view.php?id=CVE-2023-52851
21 May 2024 — /include/linux/slab.h:603 ./include/linux/slab.h:720 .... /include/linux/slab.h:603 ./ include/linux/slab.h:720 .... /include/linux/slab.h:603 ./include/linux/slab.h:720 . • https://git.kernel.org/stable/c/04876c12c19e94bbbc94bb0446c7bc7cd75163de •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52850 – media: hantro: Check whether reset op is defined before use
https://notcve.org/view.php?id=CVE-2023-52850
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: hantro: Check whether reset op is defined before use The i.MX8MM/N/P does not define the .reset op since reset of the VPU is done by genpd. In the Linux kernel, the following vulnerability has been resolved: media: hantro: Check whether reset op is defined before use The i.MX8MM/N/P does not define the .reset op since reset of the VPU is done by genpd. ... En el kernel de Linux, se ha resuelto la siguiente vulner... • https://git.kernel.org/stable/c/6971efb70ac3e43d19bf33ef5f83bea0271831ee •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52849 – cxl/mem: Fix shutdown order
https://notcve.org/view.php?id=CVE-2023-52849
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix shutdown order Ira reports that removing cxl_mock_mem causes a crash with the following trace: BUG: kernel NULL pointer dereference, address: 0000000000000044 [..] ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cxl/mem: arreglo del orden de apagado. ... In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix shutdown order Ira reports that removing cxl_mock_mem ... • https://git.kernel.org/stable/c/9cc238c7a526dba9ee8c210fa2828886fc65db66 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52848 – f2fs: fix to drop meta_inode's page cache in f2fs_put_super()
https://notcve.org/view.php?id=CVE-2023-52848
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop meta_inode's page cache in f2fs_put_super() syzbot reports a kernel bug as below: F2FS-fs (loop1): detect filesystem reference count leak during umount, type: 10, count: 1 kernel BUG at fs/f2fs/super.c:1639! In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop meta_inode's page cache in f2fs_put_super() syzbot reports a kernel bug as below: F2FS-fs (loop1): detect filesystem r... • https://git.kernel.org/stable/c/20872584b8c0b006c007da9588a272c9e28d2e18 •
CVSS: 5.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52847 – media: bttv: fix use after free error due to btv->timeout timer
https://notcve.org/view.php?id=CVE-2023-52847
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv->timeout timer There may be some a race condition between timer function bttv_irq_timeout and bttv_remove. ... Fix it by adding del_timer_sync invoking to the remove function. cpu0 cpu1 bttv_probe ->timer_setup ->bttv_set_dma ->mod_timer; bttv_remove ->kfree(btv); ->bttv_irq_timeout ->USE btv En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medio: bttv: corrección... • https://git.kernel.org/stable/c/162e6376ac58440beb6a2d2ee294f5d88ea58dd1 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52846 – hsr: Prevent use after free in prp_create_tagged_frame()
https://notcve.org/view.php?id=CVE-2023-52846
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hsr: impedir el uso después de liberar en prp_create_tagged_frame(). ... In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. • https://git.kernel.org/stable/c/451d8123f89791bb628277c0bdb4cae34a3563e6 •