CVE-2023-52755 – ksmbd: fix slab out of bounds write in smb_inherit_dacl()
https://notcve.org/view.php?id=CVE-2023-52755
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smb_inherit_dacl(). The slab out-of-bounds write is caused by offsets being bigger than the pntsd allocation size. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf • CWE-787: Out-of-bounds Write
CVE-2023-52754 – media: imon: fix access to invalid resource for the second interface
https://notcve.org/view.php?id=CVE-2023-52754
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB interfaces, and at the probe of the second interface, the driver assumes blindly that the first interface got bound with the same imon driver. • https://git.kernel.org/stable/c/0f5068519f89d928d6c51100e4b274479123829f
CVE-2023-52753 – drm/amd/display: Avoid NULL dereference of timing generator
https://notcve.org/view.php?id=CVE-2023-52753
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator [Why & How] Check whether assigned timing generator is NULL or not before accessing its funcs to prevent NULL dereference. • https://git.kernel.org/stable/c/09909f515032fa80b921fd3118efe66b185d10fd • CWE-476: NULL Pointer Dereference
CVE-2023-52752 – smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
https://notcve.org/view.php?id=CVE-2023-52752
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being torn down (e.g. ... srso_alias_return_thunk+0x5/0x7f [ 816.263945] vfs_read+0x201/0x350 [ 816.264211] ksys_read+0x75/0x100 [ 816.264472] do_syscall_64+0x3f/0x90 [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 816.265135] RIP: 0033:0x7fd5e669d381 • https://git.kernel.org/stable/c/558817597d5fbd7af31f891b67b0fd20f0d047b7 • CWE-416: Use After Free
CVE-2023-52751 – smb: client: fix use-after-free in smb2_query_info_compound()
https://notcve.org/view.php?id=CVE-2023-52751
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound() The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options 'multichannel,max_channels=2,vers=3.1.1,mfsymlinks,noperm' BUG: KASAN: slab-use-after-free in smb2_query_info_compound+0x423/0x6d0 [cifs] Read of size 8 at addr ffff888014941048 by task xfs_io/27534 CPU: 0 PID: 27534 Comm: xfs_io Not tainted 6.6... • https://git.kernel.org/stable/c/6db94d08359c43f2c8fe372811cdee04564a41b9 • CWE-416: Use After Free
CVE-2023-52750 – arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
https://notcve.org/view.php?id=CVE-2023-52750
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match the encoding of FNMADD S21, S30, S0, S0. • https://git.kernel.org/stable/c/d08a1e75253b4e19ae290b1c35349f12cfcebc0a
CVE-2023-52749 – spi: Fix null dereference on suspend
https://notcve.org/view.php?id=CVE-2023-52749
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous (noqueue) transfer can be active during a system suspend. • https://git.kernel.org/stable/c/4ec4508db97502a12daee88c74782e8d35ced068 • CWE-476: NULL Pointer Dereference
CVE-2023-52748 – f2fs: avoid format-overflow warning
https://notcve.org/view.php?id=CVE-2023-52748
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this: fs/f2fs/compress.c: In function ‘f2fs_init_page_array_cache’: fs/f2fs/compress.c:1984:47: error: ‘%u’ directive writing between 1 and 7 bytes into a region of size between 5 and 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, "f2fs_page_array_entry-%u:%u", MAJOR(dev), MINOR(dev)); | ^~ String "f2fs_page_array_entry-%u:%u" can up to 35. In... • https://git.kernel.org/stable/c/31083031709eea6530f0551d59eecdb2e68265ef •
CVE-2022-48710 – drm/radeon: fix a possible null pointer dereference
https://notcve.org/view.php?id=CVE-2022-48710
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). • https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9
CVE-2021-47432 – lib/generic-radix-tree.c: Don't overflow in peek()
https://notcve.org/view.php?id=CVE-2021-47432
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the radix tree code. • https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac