CVE-2024-53205 – phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe
https://notcve.org/view.php?id=CVE-2024-53205
In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtk_usb2phy_probe In rtk_usb2phy_probe() devm_kzalloc() may return NULL but this returned value is not checked. • https://git.kernel.org/stable/c/134e6d25f6bd06071e5aac0a7eefcea6f7713955 https://git.kernel.org/stable/c/0b398b6b6c94315fd2ce3658e3cee96539dbd7b7 https://git.kernel.org/stable/c/fb83c9a08324e37f321ffb400809aa4310387d65 https://git.kernel.org/stable/c/04e3e9188291a183b27306ddb833722c0d083d6a •
CVE-2024-53204 – phy: realtek: usb: fix NULL deref in rtk_usb3phy_probe
https://notcve.org/view.php?id=CVE-2024-53204
In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtk_usb3phy_probe In rtk_usb3phy_probe() devm_kzalloc() may return NULL but this returned value is not checked. • https://git.kernel.org/stable/c/adda6e82a7de7d6d478f6c8ef127f0ac51c510a1 https://git.kernel.org/stable/c/48d52d3168749e10c1c37cd4ceccd18625851741 https://git.kernel.org/stable/c/776f13ad1f88485206f1dca5ef138553106950e5 https://git.kernel.org/stable/c/bf373d2919d98f3d1fe1b19a0304f72fe74386d9 •
CVE-2024-53203 – usb: typec: fix potential array underflow in ucsi_ccg_sync_control()
https://notcve.org/view.php?id=CVE-2024-53203
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() The "command" variable can be controlled by the user via debugfs. The worry is that if con_index is zero then "&uc->ucsi->connector[con_index - 1]" would be an array underflow. • https://git.kernel.org/stable/c/170a6726d0e266f2c8f306e3d61715c32f4ee41e https://git.kernel.org/stable/c/ef92cd55289a282910575c5b9d87f646f2d39b38 https://git.kernel.org/stable/c/56971710cd541f2f05160a84b3183477d34a1be9 https://git.kernel.org/stable/c/e56aac6e5a25630645607b6856d4b2a17b2311a5 •
CVE-2024-53202 – firmware_loader: Fix possible resource leak in fw_log_firmware_info()
https://notcve.org/view.php?id=CVE-2024-53202
In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix possible resource leak in fw_log_firmware_info() The alg instance should be released under the exception path, otherwise there may be resource leak here. To mitigate this, free the alg instance with crypto_free_shash when kmalloc fails. • https://git.kernel.org/stable/c/02fe26f25325b547b7a31a65deb0326c04bb5174 https://git.kernel.org/stable/c/789a72498d32f88d24371c10985aceb46397056c https://git.kernel.org/stable/c/eb5d67d00ad17a5bd0920f455160dc2ccbd2dc78 https://git.kernel.org/stable/c/f380f895dbb2a11d62ca6df9e82d995f4bc26b84 https://git.kernel.org/stable/c/369a9c046c2fdfe037f05b43b84c386bdbccc103 •
CVE-2024-53200 – drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp
https://notcve.org/view.php?id=CVE-2024-53200
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp This commit addresses a null pointer dereference issue in hwss_setup_dpp(). The issue could occur when pipe_ctx->plane_state is null. The fix adds a check to ensure `pipe_ctx->plane_state` is not null before accessing. This prevents a null pointer dereference. • https://git.kernel.org/stable/c/0baae624630788862bbd654741929007971e9d5b https://git.kernel.org/stable/c/020002c76147ecfdafe95c44abd3240e216b6316 https://git.kernel.org/stable/c/0dd3d1de7a5957804ccd58c1b252f9e34710e3f6 https://git.kernel.org/stable/c/95792a18da0795300e15075ac05d1915e9066999 https://git.kernel.org/stable/c/2bc96c95070571c6c824e0d4c7783bee25a37876 •