CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-49898 – drm/amd/display: Check null-initialized variables
https://notcve.org/view.php?id=CVE-2024-49898
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. ... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-49897 – drm/amd/display: Check phantom_stream before it is used
https://notcve.org/view.php?id=CVE-2024-49897
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. ... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-49896 – drm/amd/display: Check stream before comparing them
https://notcve.org/view.php?id=CVE-2024-49896
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. ... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-49895 – drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation
https://notcve.org/view.php?id=CVE-2024-49895
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_degamma_hw_format` function in the DCN30 color management module. ... /display/dc/dcn30/dcn30_cm_common.c:340 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max In the Linux kernel, th... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-49894 – drm/amd/display: Fix index out of bounds in degamma hardware format translation
https://notcve.org/view.php?id=CVE-2024-49894
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. ... /display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out o... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49893 – drm/amd/display: Check stream_status before it is used
https://notcve.org/view.php?id=CVE-2024-49893
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. ... • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-49892 – drm/amd/display: Initialize get_bytes_per_element's default to 1
https://notcve.org/view.php?id=CVE-2024-49892
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. • https://git.kernel.org/stable/c/4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-49891 – scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths
https://notcve.org/view.php?id=CVE-2024-49891
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or lpfc_abort_handler(). In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths ... • https://git.kernel.org/stable/c/5873aa7f814754085d418848b2089ef406a02dd0 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-49890 – drm/amd/pm: ensure the fw_info is not null before using it
https://notcve.org/view.php?id=CVE-2024-49890
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity. • https://git.kernel.org/stable/c/3bace359149391c6547cefe3bf729f365bcf3ef6 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-49889 – ext4: avoid use-after-free in ext4_ext_show_leaf()
https://notcve.org/view.php?id=CVE-2024-49889
21 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf() In ext4_find_extent(), path may be freed by error or be reallocated, so using a previously saved *ppath may have been freed and thus may trigger use-after-free, as follows: ext4_split_extent path = *ppath; ext4_split_extent_at(ppath) path = ext4_find_extent(ppath) ext4_split_extent_at(ppath) // ext4_find_extent fails to free path // but zeroout succeeds ext4_ext_show_leaf(inode, path... • https://git.kernel.org/stable/c/b0cb4561fc4284d04e69c8a66c8504928ab2484e • CWE-416: Use After Free •