CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-49900 – jfs: Fix uninit-value access of new_ea in ea_buffer
https://notcve.org/view.php?id=CVE-2024-49900
In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of new_ea in ea_buffer syzbot reports that lzo1x_1_do_compress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178 ... Uninit was stored to memory at: ea_put fs/jfs/xattr.c:639 [inline] ... Local variable ea_buf created at: __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662 __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934 ===================================================== The reason is ea_buf->new_ea is not initialized properly. Fix this by using memset to empty its content at the beginning in ea_get(). • https://git.kernel.org/stable/c/8b1dcf25c26d42e4a68c4725ce52a0543c7878cc https://git.kernel.org/stable/c/d7444f91a9f93eaa48827087ed0f3381c194181d https://git.kernel.org/stable/c/6041536d18c5f51a84bc37cd568cbab61870031e https://git.kernel.org/stable/c/c076b3746224982eebdba5c9e4b1467e146c0d64 https://git.kernel.org/stable/c/7c244d5b48284a770d96ff703df2dfeadf804a73 https://git.kernel.org/stable/c/8ad8b531de79c348bcb8133e7f5e827b884226af https://git.kernel.org/stable/c/2b59ffad47db1c46af25ccad157bb3b25147c35c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49899 – drm/amd/display: Initialize denominators' default to 1
https://notcve.org/view.php?id=CVE-2024-49899
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity. • https://git.kernel.org/stable/c/7f8e93b862aba08d540f1e9e03e0ceb4d0cfd5fb https://git.kernel.org/stable/c/b995c0a6de6c74656a0c39cd57a0626351b13e3c •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49898 – drm/amd/display: Check null-initialized variables
https://notcve.org/view.php?id=CVE-2024-49898
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing. This fixes 2 FORWARD_NULL issues reported by Coverity. • https://git.kernel.org/stable/c/3fc70ae048fe0936761b73b50700a810ff61e853 https://git.kernel.org/stable/c/115b1a3b0944b4d8ef0b4b0c5a625bdd9474131f https://git.kernel.org/stable/c/367cd9ceba1933b63bc1d87d967baf6d9fd241d2 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49897 – drm/amd/display: Check phantom_stream before it is used
https://notcve.org/view.php?id=CVE-2024-49897
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity. • https://git.kernel.org/stable/c/1decf695ce08e23d9ded6ce83d121b2282ce9899 https://git.kernel.org/stable/c/3ba1219e299ab5462b5cb374c2fa2a67af0ea190 https://git.kernel.org/stable/c/3718a619a8c0a53152e76bb6769b6c414e1e83f4 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-49896 – drm/amd/display: Check stream before comparing them
https://notcve.org/view.php?id=CVE-2024-49896
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is necessary to check for null before dereferencing them. This fixes 1 FORWARD_NULL issue reported by Coverity. • https://git.kernel.org/stable/c/0167d570f6a0b38689c4a0e50bf79c518d827500 https://git.kernel.org/stable/c/14db8692afe1aa2143b673856bb603713d8ea93f https://git.kernel.org/stable/c/e8da54b7f8a17e44e67ea6d1037f35450af28115 https://git.kernel.org/stable/c/42d31a33643813cce55ee1ebbad3a2d0d24a08e0 https://git.kernel.org/stable/c/5b4b13e678b15975055f4ff1ce4cf0ce4c19b6c4 https://git.kernel.org/stable/c/e41a291e1bef1153bba091b6580ecc7affc53c82 https://git.kernel.org/stable/c/35ff747c86767937ee1e0ca987545b7eed7a0810 •