CVE-2023-52688 – wifi: ath12k: fix the error handler of rfkill config
https://notcve.org/view.php?id=CVE-2023-52688
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix the error handler of rfkill config When the core rfkill config throws error, it should free the allocated resources. Currently it is not freeing the core pdev create resources. Avoid this issue by calling the core pdev destroy in the error handler of core rfkill config. Found this issue in the code review and it is compile tested only. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: wifi: ath12k: corrige el controlador de errores de la configuración de rfkill Cuando la configuración principal de rfkill arroja un error, debería liberar los recursos asignados. Actualmente no está liberando recursos de creación de pdev centrales. • https://git.kernel.org/stable/c/004ccbc0dd49c63576a4c60a663a38dd3cb6bee5 https://git.kernel.org/stable/c/b4e593a7a22fa3c7d0550ef51c90b5c21f790aa8 https://git.kernel.org/stable/c/898d8b3e1414cd900492ee6a0b582f8095ba4a1a •
CVE-2023-52687 – crypto: safexcel - Add error handling for dma_map_sg() calls
https://notcve.org/view.php?id=CVE-2023-52687
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Add error handling for dma_map_sg() calls Macro dma_map_sg() may return 0 on error. This patch enables checks in case of the macro failure and ensures unmapping of previously mapped buffers with dma_unmap_sg(). Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: crypto: safexcel - Añadir manejo de errores para llamadas a dma_map_sg() La macro dma_map_sg() puede devolver 0 en caso de error. Este parche permite realizar comprobaciones en caso de fallo de la macro y garantiza la eliminación de la asignación de búferes previamente asignados con dma_unmap_sg(). Encontrado por el Centro de verificación de Linux (linuxtesting.org) con la herramienta de análisis estático SVACE. • https://git.kernel.org/stable/c/49186a7d9e46ff132a0ed9b721ad6b6a58dba6c1 https://git.kernel.org/stable/c/4c0ac81a172a69a7733290915276672787e904ec https://git.kernel.org/stable/c/8084b788c2fb1260f7d44c032d5124680b20d2b2 https://git.kernel.org/stable/c/fc0b785802b856566df3ac943e38a072557001c4 https://git.kernel.org/stable/c/87e02063d07708cac5bfe9fd3a6a242898758ac8 •
CVE-2023-52686 – powerpc/powernv: Add a null pointer check in opal_event_init()
https://notcve.org/view.php?id=CVE-2023-52686
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: powerpc/powernv: añadir una verificación de puntero nulo en opal_event_init() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de fallo. • https://git.kernel.org/stable/c/2717a33d60745f2f72e521cdaedf79b00f66f8ca https://git.kernel.org/stable/c/8422d179cf46889c15ceff9ede48c5bfa4e7f0b4 https://git.kernel.org/stable/c/e93d7cf4c1ddbcd846739e7ad849f955a4f18031 https://git.kernel.org/stable/c/e6ad05e3ae9c84c5a71d7bb2d44dc845ae7990cf https://git.kernel.org/stable/c/c0b111ea786ddcc8be0682612830796ece9436c7 https://git.kernel.org/stable/c/9a523e1da6d88c2034f946adfa4f74b236c95ca9 https://git.kernel.org/stable/c/a14c55eb461d630b836f80591d8caf1f74e62877 https://git.kernel.org/stable/c/e08c2e275fa1874de945b87093f925997 •
CVE-2023-52684 – firmware: qcom: qseecom: fix memory leaks in error paths
https://notcve.org/view.php?id=CVE-2023-52684
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: qcom: qseecom: corrige pérdidas de memoria en rutas de error Corrija instancias de devolución de códigos de error directamente en lugar de saltar a las etiquetas relevantes donde se liberaría la memoria asignada para las llamadas SCM. • https://git.kernel.org/stable/c/759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 https://git.kernel.org/stable/c/85fdbf6840455be64eac16bdfe0df3368ee3d0f0 https://git.kernel.org/stable/c/6c57d7b593c4a4e60db65d5ce0fe1d9f79ccbe9b •
CVE-2023-52683 – ACPI: LPIT: Avoid u32 multiplication overflow
https://notcve.org/view.php?id=CVE-2023-52683
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32(). Found by Linux Verification Center (linuxtesting.org) with SVACE. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ACPI: LPIT: Evitar desbordamiento de multiplicación u32 En lpit_update_residency() existe la posibilidad de desbordamiento en la multiplicación, si tsc_khz es lo suficientemente grande (> UINT_MAX/1000). Cambie la multiplicación a mul_u32_u32(). Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE. • https://git.kernel.org/stable/c/eeb2d80d502af28e5660ff4bbe00f90ceb82c2db https://git.kernel.org/stable/c/647d1d50c31e60ef9ccb9756a8fdf863329f7aee https://git.kernel.org/stable/c/6c38e791bde07d6ca2a0a619ff9b6837e0d5f9ad https://git.kernel.org/stable/c/f39c3d578c7d09a18ceaf56750fc7f20b02ada63 https://git.kernel.org/stable/c/c1814a4ffd016ce5392c6767d22ef3aa2f0d4bd1 https://git.kernel.org/stable/c/72222dfd76a79d9666ab3117fcdd44ca8cd0c4de https://git.kernel.org/stable/c/d1ac288b2742aa4af746c5613bac71760fadd1c4 https://git.kernel.org/stable/c/b7aab9d906e2e252a7783f872406033ec •