CVSS: 4.6EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52845 – tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING
https://notcve.org/view.php?id=CVE-2023-52845
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline] BUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756 strlen lib/string.c:418 [inline] strstr+0xb8/0x2f0 lib/string.c:756 tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595 ... • https://git.kernel.org/stable/c/7be57fc6918470ecacd16b89c0d4f73d8fc265c4 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52844 – media: vidtv: psi: Add check for kstrdup
https://notcve.org/view.php?id=CVE-2023-52844
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: media: vidtv: psi: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. En el kernel de Linux, se ha re... • https://git.kernel.org/stable/c/7a7899f6f58e3270ccfd200ee63ebced5ddba3c9 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52843 – llc: verify mac len before reading mac header
https://notcve.org/view.php?id=CVE-2023-52843
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with eth_hdr without verifying that the skb has an Ethernet header. ... En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: llc: ve... • https://git.kernel.org/stable/c/f83f1768f833cb45bc93429fdc552252a4f55ac3 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52842 – virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()
https://notcve.org/view.php?id=CVE-2023-52842
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421 virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120 ... • https://git.kernel.org/stable/c/71dc9ec9ac7d3eee785cdc986c3daeb821381e20 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52841 – media: vidtv: mux: Add check and kfree for kstrdup
https://notcve.org/view.php?id=CVE-2023-52841
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Add check and kfree for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Add check and kfree for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. • https://git.kernel.org/stable/c/c2f78f0cb294aa6f009d3a170f4ee8ad199ba5da •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52840 – Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
https://notcve.org/view.php?id=CVE-2023-52840
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees "fn" so the dereference on the next line "fn->num_of_irqs" is a use after free. In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The put_device() calls rmi_release_function() which frees "fn" so the dereferenc... • https://git.kernel.org/stable/c/24d28e4f1271cb2f91613dada8f2acccd00eff56 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52839 – drivers: perf: Do not broadcast to other cpus when starting a counter
https://notcve.org/view.php?id=CVE-2023-52839
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not broadcast to other cpus when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 gives rise to this kernel warning: [ 444.364395] WARNING: CPU: 0 PID: 104 at kernel/smp.c:775 smp_call_function_many_cond+0x42c/0x436 [ 444.364515] Modules linked in: [ 444.364657] CPU: 0 PID: 104 Comm: perf-exec Not tainted 6.6.0-rc6-00051-g391df82e8ec... • https://git.kernel.org/stable/c/3fec323339a4a9801a54e8b282eb571965b67b23 •
CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2023-52838 – fbdev: imsttfb: fix a resource leak in probe
https://notcve.org/view.php?id=CVE-2023-52838
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs). In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs). En el kernel de Linux, se res... • https://git.kernel.org/stable/c/7f683f286a2196bd4d2da420a3194f5ba0269d8c • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52837 – nbd: fix uaf in nbd_open
https://notcve.org/view.php?id=CVE-2023-52837
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't set disk->private_data as NULL as before. In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't set disk->private_data as ... • https://git.kernel.org/stable/c/4af5f2e0301311f88c420fcfc5f3c8611ade20ac • CWE-416: Use After Free •
CVSS: 0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52836 – locking/ww_mutex/test: Fix potential workqueue corruption
https://notcve.org/view.php?id=CVE-2023-52836
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: locking/ww_mutex/test: Fix potential workqueue corruption In some cases running with the test-ww_mutex code, I was seeing odd behavior where sometimes it seemed flush_workqueue was returning before all the work threads were finished. In the Linux kernel, the following vulnerability has been resolved: locking/ww_mutex/test: Fix potential workqueue corruption In some cases running with the test-ww_mutex code, I was seeing odd be... • https://git.kernel.org/stable/c/d4d37c9e6a4dbcca958dabd99216550525c7e389 •