CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-46905 – net: hso: fix NULL-deref on disconnect regression
https://notcve.org/view.php?id=CVE-2021-46905
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unconditional NULL-pointer dereference on every disconnect instead. Specifically, the serial device table must no longer be accessed after the minor has been released by hso_serial_tty_unregister(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: hso: corrige NULL-deref durante la regresión de desconexión. El Commit 8a12f8836145 ("net: hso: corrige null-ptr-deref durante la cancelación del registro del dispositivo tty") corrigió la asignación menor picante reportada por syzbot, pero en su lugar introdujo una desreferencia de puntero NULL incondicional en cada desconexión. Específicamente, ya no se debe acceder a la tabla de dispositivos serie después de que hso_serial_tty_unregister() haya liberado al menor. A vulnerability was found in the Linux kernel. • https://git.kernel.org/stable/c/92028d7a31e55d53e41cff679156b9432cffcb36 https://git.kernel.org/stable/c/4a2933c88399c0ebc738db39bbce3ae89786d723 https://git.kernel.org/stable/c/dc195928d7e4ec7b5cfc6cd10dc4c8d87a7c72ac https://git.kernel.org/stable/c/388d05f70f1ee0cac4a2068fd295072f1a44152a https://git.kernel.org/stable/c/8a12f8836145ffe37e9c8733dce18c22fb668b66 https://git.kernel.org/stable/c/5c17cfe155d21954b4c7e2a78fa771cebcd86725 https://git.kernel.org/stable/c/d7fad2ce15bdbbd0fec3ebe999fd7cab2267f53e https://git.kernel.org/stable/c/90642ee9eb581a13569b1c0bd57e85d96 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-46904 – net: hso: fix null-ptr-deref during tty device unregistration
https://notcve.org/view.php?id=CVE-2021-46904
In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the next one results in a null-ptr-deref. The get_free_serial_index() function returns an available minor number but doesn't assign it immediately. The assignment is done by the caller later. But before this assignment, calls to get_free_serial_index() would return the same minor number. Fix this by modifying get_free_serial_index to assign the minor number immediately after one is found to be and rename it to obtain_minor() to better reflect what it does. Similary, rename set_serial_by_index() to release_minor() and modify it to free up the minor number of the given hso_serial. • https://git.kernel.org/stable/c/72dc1c096c7051a48ab1dbb12f71976656b55eb5 https://git.kernel.org/stable/c/a462067d7c8e6953a733bf5ade8db947b1bb5449 https://git.kernel.org/stable/c/145c89c441d27696961752bf51b323f347601bee https://git.kernel.org/stable/c/caf5ac93b3b5d5fac032fc11fbea680e115421b4 https://git.kernel.org/stable/c/92028d7a31e55d53e41cff679156b9432cffcb36 https://git.kernel.org/stable/c/4a2933c88399c0ebc738db39bbce3ae89786d723 https://git.kernel.org/stable/c/dc195928d7e4ec7b5cfc6cd10dc4c8d87a7c72ac https://git.kernel.org/stable/c/388d05f70f1ee0cac4a2068fd295072f1 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52470 – drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
https://notcve.org/view.php?id=CVE-2023-52470
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() para evitar null-ptr-deref. A NULL pointer dereference flaw was found in alloc_workqueue in the Linux Kernel. Check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref. • https://git.kernel.org/stable/c/fa7f517cb26eb1a1a1f0baffcced39f6c3ec3337 https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41 https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4 https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1 https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85 https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088 https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d4 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52469 – drivers/amd/pm: fix a use-after-free in kv_parse_power_table
https://notcve.org/view.php?id=CVE-2023-52469
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-free bug. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drivers/amd/pm: corrige un use-after-free en kv_parse_power_table Cuando ps asignado por kzalloc es igual a NULL, kv_parse_power_table libera adev->pm.dpm.ps que se asignó antes. Sin embargo, después de que el flujo de control pasa por las siguientes cadenas de llamadas: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini El adev->pm.dpm.ps se usa en el bucle for de kv_dpm_fini después de su primera liberación en kv_parse_power_table y provoca un error de use-after-free. A use-after-free flaw was found in kv_parse_power_table in drivers/amd/pm in the Linux kernel. • https://git.kernel.org/stable/c/a2e73f56fa6282481927ec43aa9362c03c2e2104 https://git.kernel.org/stable/c/8a27d9d9fc9b5564b8904c3a77a7dea482bfa34e https://git.kernel.org/stable/c/8b55b06e737feb2a645b0293ea27e38418876d63 https://git.kernel.org/stable/c/520e213a0b97b64735a13950e9371e0a5d7a5dc3 https://git.kernel.org/stable/c/b6dcba02ee178282e0d28684d241e0b8462dea6a https://git.kernel.org/stable/c/35fa2394d26e919f63600ce631e6aefc95ec2706 https://git.kernel.org/stable/c/95084632a65d5c0d682a83b55935560bdcd2a1e3 https://git.kernel.org/stable/c/3426f059eacc33ecc676b0d66539297e1 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26602 – sched/membarrier: reduce the ability to hammer on sys_membarrier
https://notcve.org/view.php?id=CVE-2024-26602
In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize the accesses to prevent the ability for this to be called at too high of a frequency and saturate the machine. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sched/membarrier: reduce la capacidad de martillar en sys_membarrier. En algunos sistemas, sys_membarrier puede ser muy costoso, provocando ralentizaciones generales en todo. Por lo tanto, bloquee la ruta para serializar los accesos y evitar que se llame a una frecuencia demasiado alta y sature la máquina. • https://git.kernel.org/stable/c/22e4ebb975822833b083533035233d128b30e98f https://git.kernel.org/stable/c/3cd139875e9a7688b3fc715264032620812a5fa3 https://git.kernel.org/stable/c/2441a64070b85c14eecc3728cc87e883f953f265 https://git.kernel.org/stable/c/db896bbe4a9c67cee377e5f6a743350d3ae4acf6 https://git.kernel.org/stable/c/50fb4e17df319bb33be6f14e2a856950c1577dee https://git.kernel.org/stable/c/24ec7504a08a67247fbe798d1de995208a8c128a https://git.kernel.org/stable/c/b6a2a9cbb67545c825ec95f06adb7ff300a2ad71 https://git.kernel.org/stable/c/c5b2063c65d05e79fad8029324581d86c •