CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-36775 – f2fs: fix to avoid potential deadlock
https://notcve.org/view.php?id=CVE-2020-36775
26 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock Using f2fs_trylock_op() in f2fs_write_compressed_pages() to avoid potential deadlock like we did in f2fs_write_single_data_page(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: corrección para evitar un posible interbloqueo Usando f2fs_trylock_op() en f2fs_write_compressed_pages() para evitar un posible interbloqueo como lo hicimos en f2fs_write_single_data_page(). In the Linu... • https://git.kernel.org/stable/c/0478ccdc8ea016de1ebaf6fe6da0275c2b258c5b • CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2019-25162 – i2c: Fix a potential use after free
https://notcve.org/view.php?id=CVE-2019-25162
26 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. [wsa: added comment to the code, added Fixes tag] En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: corrige un use after free que libera la estructura adap solo después de que hayamos terminado de usarla. Este parche simplemente mueve put_device() un... • https://github.com/uthrasri/CVE-2019-25162 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2019-25160 – netlabel: fix out-of-bounds memory accesses
https://notcve.org/view.php?id=CVE-2019-25160
26 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the fixes are straightforward. As a FYI for anyone backporting this patch to kernels prior to v4.8, you'll want to apply the netlbl_bitmap_walk() patch to cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before Linux v4.8. En e... • https://git.kernel.org/stable/c/446fda4f26822b2d42ab3396aafcedf38a9ff2b6 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26606 – binder: signal epoll threads of self-work
https://notcve.org/view.php?id=CVE-2024-26606
26 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: binder: signal epoll threads of self-work In (e)poll mode, threads often depend on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDER_WRITE_READ without a read buffer and then make use of epoll_wait() or similar to consume any responses afterwards. It is then crucial that epoll threads are signaled via wakeup when they queue their own work. Otherwise, they risk waiting indef... • https://git.kernel.org/stable/c/457b9a6f09f011ebcb9b52cc203a6331a6fc2de7 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48626 – moxart: fix potential use-after-free on remove path
https://notcve.org/view.php?id=CVE-2022-48626
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported that the mmc host structure could be accessed after it was freed in moxart_remove(), so fix this by saving the base register of the device and using it instead of the pointer dereference. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: moxart: corrige el posible use-after-free en la ruta de eliminación. Se informó que se podía acceder a la estructura del hos... • https://git.kernel.org/stable/c/f5dc193167591e88797262ec78515a0cbe79ff5f • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-46905 – net: hso: fix NULL-deref on disconnect regression
https://notcve.org/view.php?id=CVE-2021-46905
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistration") fixed the racy minor allocation reported by syzbot, but introduced an unconditional NULL-pointer dereference on every disconnect instead. Specifically, the serial device table must no longer be accessed after the minor has been released by hso_serial_tty_unregister(). En el kernel de Linux, se resolvió la s... • https://git.kernel.org/stable/c/92028d7a31e55d53e41cff679156b9432cffcb36 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-46904 – net: hso: fix null-ptr-deref during tty device unregistration
https://notcve.org/view.php?id=CVE-2021-46904
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a double unregistration of the same device. The first unregistration succeeds but the next one results in a null-ptr-deref. The get_free_serial_index() function returns an available minor number but doesn't assign it immediately. The assignment is done by the caller later. But before this assignment, calls to get_free_s... • https://git.kernel.org/stable/c/72dc1c096c7051a48ab1dbb12f71976656b55eb5 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52470 – drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
https://notcve.org/view.php?id=CVE-2023-52470
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() para evitar null-ptr-deref. A NULL pointer dereference flaw was ... • https://git.kernel.org/stable/c/fa7f517cb26eb1a1a1f0baffcced39f6c3ec3337 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52469 – drivers/amd/pm: fix a use-after-free in kv_parse_power_table
https://notcve.org/view.php?id=CVE-2023-52469
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes through the following call chains: kv_parse_power_table |-> kv_dpm_init |-> kv_dpm_sw_init |-> kv_dpm_fini The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its first free in kv_parse_power_table and causes a use-after-f... • https://git.kernel.org/stable/c/a2e73f56fa6282481927ec43aa9362c03c2e2104 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52467 – mfd: syscon: Fix null pointer dereference in of_syscon_register()
https://notcve.org/view.php?id=CVE-2023-52467
25 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mfd: syscon: corrige la desreferencia del puntero nulo en of_syscon_register() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de falla. A vulnerability was found in the Lin... • https://git.kernel.org/stable/c/e15d7f2b81d2e7d93115d46fa931b366c1cdebc2 • CWE-476: NULL Pointer Dereference •