CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52778 – mptcp: deal with large GSO size
https://notcve.org/view.php?id=CVE-2023-52778
21 May 2024 — RDX: 0000000080000303 RSI: 0000000000013908 RDI: 0000000000003908 RBP: ffffc90000007110 R08: ffffffff83e9e078 R09: 1ffff1100e548c8a R10: dffffc0000000000 R11: ffffed100e548c8b R12: 0000000000013908 R13: dffffc0000000000 R14: 0000000000003908 R15: 000000000031cf29 FS: 00007f239c47e700(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f239c45cd78 CR3: 000000006a66c006 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 00000000... • https://git.kernel.org/stable/c/7c4e983c4f3cf94fcd879730c6caa877e0768a4d •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52777 – wifi: ath11k: fix gtk offload status event locking
https://notcve.org/view.php?id=CVE-2023-52777
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event handling code calling ath11k_mac_get_arvif_by_vdev_id() was not marked as a read-side critical section. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event ... • https://git.kernel.org/stable/c/a16d9b50cfbaf112401b8e5ccfa852709f498cd4 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52776 – wifi: ath12k: fix dfs-radar and temperature event locking
https://notcve.org/view.php?id=CVE-2023-52776
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dfs-radar and temperature event locking The ath12k active pdevs are protected by RCU but the DFS-rad... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52775 – net/smc: avoid data corruption caused by decline
https://notcve.org/view.php?id=CVE-2023-52775
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing of SMC-R on Redis applications. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/smc: evita la corrupción ... • https://git.kernel.org/stable/c/0fb0b02bd6fd26cba38002be4a6bbcae2228fd44 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52774 – s390/dasd: protect device queue against concurrent access
https://notcve.org/view.php?id=CVE-2023-52774
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start() the amount of requests on the device queue are counted. In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start() the amount of requests on the device queue are counted. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: s390/das... • https://git.kernel.org/stable/c/4fa52aa7a82f9226b3874a69816bda3af821f002 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52773 – drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
https://notcve.org/view.php?id=CVE-2023-52773
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin is marked as hw_supported. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is c... • https://git.kernel.org/stable/c/22676bc500c27d987a0b42cbe162aebf783f1c38 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52772 – af_unix: fix use-after-free in unix_stream_read_actor()
https://notcve.org/view.php?id=CVE-2023-52772
21 May 2024 — [1] BUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866 Read of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297 CPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 Call Trace:
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52771 – cxl/port: Fix delete_endpoint() vs parent unregistration race
https://notcve.org/view.php?id=CVE-2023-52771
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struct cxl_port objects) between an endpoint and the root of a CXL topology. In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race The CXL subsystem, at cxl_mem ->probe() time, establishes a lineage of ports (struc... • https://git.kernel.org/stable/c/8dd2bc0f8e02d39bd80851ca787bcbdb7d495e69 • CWE-413: Improper Resource Locking •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52770 – f2fs: split initial and dynamic conditions for extent_cache
https://notcve.org/view.php?id=CVE-2023-52770
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. • https://git.kernel.org/stable/c/72840cccc0a1a0a0dc1bb27b669a9111be6d0f6a •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52769 – wifi: ath12k: fix htt mlo-offset event locking
https://notcve.org/view.php?id=CVE-2023-52769
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calli... • https://git.kernel.org/stable/c/d889913205cf7ebda905b1e62c5867ed4e39f6c2 • CWE-416: Use After Free •