CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52788 – i915/perf: Fix NULL deref bugs with drm_dbg() calls
https://notcve.org/view.php?id=CVE-2023-52788
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL dereferences. ... [tursulin: added stable tag] (cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i915/perf: corrige errores de desreferencia NULL con llamadas drm_dbg(). ... [tursulin: etiqueta estable agregada] (ce... • https://git.kernel.org/stable/c/9b344cf6aea0a69c00e19efdc6e02c6d5aae1a23 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52787 – blk-mq: make sure active queue usage is held for bio_integrity_prep()
https://notcve.org/view.php?id=CVE-2023-52787
21 May 2024 — Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - call bio_integrity_prep() before bio merge En el kernel de Linux, se resolvió la siguiente vulnerabilidad: blk-mq: asegúrese de que el uso de la cola activa se mantenga para bio_integrity_prep() blk_integrity_unregister() puede aparecer si el contador de uso de la cola no se mantiene para una biografía con integridad preparada, por lo que esta solicitud se puede completar llamando al perfil->complete_fn, ... • https://git.kernel.org/stable/c/900e080752025f0016128f07c9ed4c50eba3654b •
CVSS: 3.6EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52786 – ext4: fix racy may inline data check in dio write
https://notcve.org/view.php?id=CVE-2023-52786
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: if (WARN_ON_ONCE(ext4_has_inline_data(inode))) return -ERANGE; This occurs during a dio write, which is never expected to encounter an inode with inline data. In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio... • https://git.kernel.org/stable/c/310ee0902b8d9d0a13a5a13e94688a5863fa29c2 •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52785 – scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
https://notcve.org/view.php?id=CVE-2023-52785
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR If command timeout happens and cq complete IRQ is raised at the same time, ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the ISR. Error log: ufshcd_abort: Device abort task at tag 18 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000108 pc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44 lr : [0xffffffe27f1b898c] ... • https://git.kernel.org/stable/c/f1304d4420777f82a1d844c606db3d9eca841765 •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52784 – bonding: stop the device in bond_setup_by_slave()
https://notcve.org/view.php?id=CVE-2023-52784
21 May 2024 — Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP Modules linked in: CPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skb_panic net/core/skbuff.c:188 [inline] pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202 lr : skb_panic net/core/skbuff.c:188 [inline] lr : skb_under_panic+0x13c/0x140 net/core/... • https://git.kernel.org/stable/c/872254dd6b1f80cb95ee9e2e22980888533fc293 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52783 – net: wangxun: fix kernel panic due to null pointer
https://notcve.org/view.php?id=CVE-2023-52783
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wx_sw_init() returns before the memory of 'wx->mac_table' is allocated. In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wx_sw_init() returns before the memory of 'wx->mac_table' is... • https://git.kernel.org/stable/c/79625f45ca73ef37c18a6e4b5b6ce7daa1e92683 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52782 – net/mlx5e: Track xmit submission to PTP WQ after populating metadata map
https://notcve.org/view.php?id=CVE-2023-52782
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undelivered CQEs. ... kthread_complete_and_exit+0x20/0x20 ret_from_fork_as ---truncated--- En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: realice un seguimiento del envío de xmit a PTP WQ después de completar el mapa de meta... • https://git.kernel.org/stable/c/3178308ad4ca38955cad684d235153d4939f1fcd •
CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0CVE-2023-52781 – usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
https://notcve.org/view.php?id=CVE-2023-52781
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descriptor for accessing a family of related descriptors. In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descriptor for accessing a family of related descriptors... • https://git.kernel.org/stable/c/3dd550a2d36596a1b0ee7955da3b611c031d3873 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52780 – net: mvneta: fix calls to page_pool_get_stats
https://notcve.org/view.php?id=CVE-2023-52780
21 May 2024 — The current implementation leads to the following crash calling ethstats on a port that is down or when calling it at the wrong moment: ble to handle kernel NULL pointer dereference at virtual address 00000070 [00000070] *pgd=00000000 Internal error: Oops: 5 [#1] SMP ARM Hardware name: Marvell Armada 380/385 (Device Tree) PC is at page_pool_get_stats+0x18/0x1cc LR is at mvneta_ethtool_get_stats+0xa0/0xe0 [mvneta] pc : [
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52779 – fs: Pass AT_GETATTR_NOSEC flag to getattr interface function
https://notcve.org/view.php?id=CVE-2023-52779
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs: Pass AT_GETATTR_NOSEC flag to getattr interface function When vfs_getattr_nosec() calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfs_getattr_nosec() can again be called from the filesystem's gettattr rather than vfs_getattr(). In the Linux kernel, the following vulnerability has been resolved: fs: Pass AT_GETATTR_NOSEC flag to getattr interface function When vfs... • https://git.kernel.org/stable/c/db1d1e8b9867aae5c3e61ad7859abfcc4a6fd6c7 •