CVE-2023-52867 – drm/radeon: possible buffer overflow
https://notcve.org/view.php?id=CVE-2023-52867
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/radeon: posible desbordamiento del búfer. El búfer 'afmt_status' de tamaño 6 podría desbordarse, ya que el índice 'afmt_idx' se comprueba después del acceso. • https://git.kernel.org/stable/c/5cc4e5fc293bfe2634535f544427e8c6061492a5 https://git.kernel.org/stable/c/112d4b02d94bf9fa4f1d3376587878400dd74783 https://git.kernel.org/stable/c/caaa74541459c4c9e2c10046cf66ad2890483d0f https://git.kernel.org/stable/c/ddc42881f170f1f518496f5a70447501335fc783 https://git.kernel.org/stable/c/7b063c93bece827fde237fae1c101bceeee4e896 https://git.kernel.org/stable/c/347f025a02b3a5d715a0b471fc3b1439c338ad94 https://git.kernel.org/stable/c/341e79f8aec6af6b0061b8171d77b085835c6a58 https://git.kernel.org/stable/c/d9b4fa249deaae1145d6fc2b64dae718e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-52865 – clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52865
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt6797: Agregar verificación para mtk_alloc_clk_data Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. • https://git.kernel.org/stable/c/96596aa06628e86ea0e1c08c34b0ccc7619e43ac https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92 https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836 https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3 https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4 https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa7157 •
CVE-2023-52864 – platform/x86: wmi: Fix opening of char device
https://notcve.org/view.php?id=CVE-2023-52864
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, which means that private_data will not be NULL when wmi_char_open() is called. This might cause memory corruption should wmi_char_open() be unable to find its driver, something which can happen when the associated WMI device is deleted in wmi_free_devices(). Fix the problem by using the miscdevice pointer to retrieve the WMI device data associated with a char device using container_of(). This also avoids wmi_char_open() picking a wrong WMI device bound to a driver with the same name as the original driver. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: plataforma/x86: wmi: corrige la apertura del dispositivo char. Desde la confirmación fa1f68db6ca7 ("drivers: misc: pasar el puntero del dispositivo misc a través de datos privados del archivo"), el dispositivo misc almacena un puntero a sí mismo en su interior. filp->private_data, lo que significa que private_data no será NULL cuando se llame a wmi_char_open(). • https://git.kernel.org/stable/c/44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6 https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203 https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453 https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097 https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835e • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2023-52863 – hwmon: (axi-fan-control) Fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-52863
In the Linux kernel, the following vulnerability has been resolved: hwmon: (axi-fan-control) Fix possible NULL pointer dereference axi_fan_control_irq_handler(), dependent on the private axi_fan_control_data structure, might be called before the hwmon device is registered. That will cause an "Unable to handle kernel NULL pointer dereference" error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (axi-fan-control) Se corrigió la posible desreferencia del puntero NULL. Se podría llamar a axi_fan_control_irq_handler(), dependiente de la estructura privada axi_fan_control_data, antes de que se registre el dispositivo hwmon. Esto provocará el error "No se puede manejar la desreferencia del puntero NULL del kernel". • https://git.kernel.org/stable/c/8412b410fa5e1e494a0fec84c3c462d49870d3f5 https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062 https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105 https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0 https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0 •
CVE-2023-52861 – drm: bridge: it66121: Fix invalid connector dereference
https://notcve.org/view.php?id=CVE-2023-52861
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: it66121: Fix invalid connector dereference Fix the NULL pointer dereference when no monitor is connected, and the sound card is opened from userspace. Instead return an empty buffer (of zeroes) as the EDID information to the sound framework if there is no connector attached. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: bridge: it66121: Corrige la desreferencia del conector no válido. Corrige la desreferencia del puntero NULL cuando no hay ningún monitor conectado y la tarjeta de sonido se abre desde el espacio de usuario. En su lugar, devuelva un búfer vacío (de ceros) como información EDID al sistema de sonido si no hay ningún conector conectado. • https://git.kernel.org/stable/c/e0fd83dbe92426e4f09b01111d260d2a7dc72fdb https://git.kernel.org/stable/c/2c80c4f0d2845645f41cbb7c9304c8efbdbd4331 https://git.kernel.org/stable/c/1669d7b21a664aa531856ce85b01359a376baebc https://git.kernel.org/stable/c/1374561a7cbc9a000b77bb0473bb2c19daf18d86 https://git.kernel.org/stable/c/d0375f6858c4ff7244b62b02eb5e93428e1916cd • CWE-476: NULL Pointer Dereference •