CVE-2023-52674 – ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()
https://notcve.org/view.php?id=CVE-2023-52674
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[]. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: scarlett2: Add clamp() en scarlett2_mixer_ctl_put() Asegúrese de que el valor pasado a scarlett2_mixer_ctl_put() esté entre 0 y SCARLETT2_MIXER_MAX_VALUE para que no intentemos acceder fuera de scarlett2_mixer_values[]. • https://git.kernel.org/stable/c/9e4d5c1be21f0c00e747e92186784f3298309b3e https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810 https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572 https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2 https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7 •
CVE-2024-35837 – net: mvpp2: clear BM pool before initialization
https://notcve.org/view.php?id=CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: mvpp2: borre el grupo de BM antes de la inicialización. El valor del registro persiste después de iniciar el kernel usando kexec, lo que genera pánico en el kernel. Por lo tanto, borre los registros del grupo BM antes de la inicialización para solucionar el problema. • https://git.kernel.org/stable/c/3f518509dedc99f0b755d2ce68d24f610e3a005a https://git.kernel.org/stable/c/83f99138bf3b396f761600ab488054396fb5768f https://git.kernel.org/stable/c/af47faa6d3328406038b731794e7cf508c71affa https://git.kernel.org/stable/c/cec65f09c47d8c2d67f2bcad6cf05c490628d1ec https://git.kernel.org/stable/c/938729484cfa535e9987ed0f86f29a2ae3a8188b https://git.kernel.org/stable/c/dc77f6ab5c3759df60ff87ed24f4d45df0f3b4c4 https://git.kernel.org/stable/c/9f538b415db862e74b8c5d3abbccfc1b2b6caa38 https://lists.debian.org/debian-lts-announce/2024/06/ •
CVE-2024-35835 – net/mlx5e: fix a double-free in arfs_create_groups
https://notcve.org/view.php?id=CVE-2024-35835
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups When `in` allocated by kvzalloc fails, arfs_create_groups will free ft->g and return an error. However, arfs_create_table, the only caller of arfs_create_groups, will hold this error and call to mlx5e_destroy_flow_table, in which the ft->g will be freed again. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: corregido un double free en arfs_create_groups Cuando falla `in` asignado por kvzalloc, arfs_create_groups liberará ft->g y devolverá un error. Sin embargo, arfs_create_table, el único llamador de arfs_create_groups, mantendrá este error y llamará a mlx5e_destroy_flow_table, en el que ft->g se liberará nuevamente. A double-free vulnerability was found in the `arfs_create_groups` function in the Linux kernel's `net/mlx5e` driver. • https://git.kernel.org/stable/c/1cabe6b0965ec067ac60e8f182f16d479a3b9a5c https://git.kernel.org/stable/c/e3d3ed8c152971dbe64c92c9ecb98fdb52abb629 https://git.kernel.org/stable/c/2501afe6c4c9829d03abe9a368b83d9ea1b611b7 https://git.kernel.org/stable/c/cf116d9c3c2aebd653c2dfab5b10c278e9ec3ee5 https://git.kernel.org/stable/c/c57ca114eb00e03274dd38108d07a3750fa3c056 https://git.kernel.org/stable/c/42876db001bbea7558e8676d1019f08f9390addb https://git.kernel.org/stable/c/b21db3f1ab7967a81d6bbd328d28fe5a4c07a8a7 https://git.kernel.org/stable/c/66cc521a739ccd5da057a1cb3d6346c6d •
CVE-2023-52673 – drm/amd/display: Fix a debugfs null pointer error
https://notcve.org/view.php?id=CVE-2023-52673
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugfs null pointer error [WHY & HOW] Check whether get_subvp_en() callback exists before calling it. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrige un error de puntero null de debugfs [POR QUÉ Y CÓMO] Verifique si la devolución de llamada get_subvp_en() existe antes de llamarla. • https://git.kernel.org/stable/c/43235db21fc23559f50a62f8f273002eeb506f5a https://git.kernel.org/stable/c/efb91fea652a42fcc037d2a9ef4ecd1ffc5ff4b7 •
CVE-2023-52671 – drm/amd/display: Fix hang/underflow when transitioning to ODM4:1
https://notcve.org/view.php?id=CVE-2023-52671
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to OPPs not being properly disconnected from the disabled OPTC. [How] Ensure that all OPPs are unassigned from an OPTC when it gets disabled. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrigió bloqueo/desbordamiento insuficiente al realizar la transición a ODM4:1 [Por qué] En algunas circunstancias, deshabilitar un OPTC e intentar reclamar sus OPP para otro OPTC podría causar un bloqueo/desbordamiento insuficiente debido a que los OPP no se desconectan correctamente del OPTC deshabilitado. [Cómo] Asegúrese de que todos los OPP estén desasignados de un OPTC cuando se deshabilite. • https://git.kernel.org/stable/c/ae62f1dde66a6f0eee98defc4c7a346bd5acd239 https://git.kernel.org/stable/c/4b6b479b2da6badff099b2e3abf0248936eefbf5 https://git.kernel.org/stable/c/e7b2b108cdeab76a7e7324459e50b0c1214c0386 •