CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-42120 – drm/amd/display: Check pipe offset before setting vblank
https://notcve.org/view.php?id=CVE-2024-42120
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessing the array. This fixes an OVERRUN issue reported by Coverity. • https://git.kernel.org/stable/c/b2e9abc95583ac7bbb2c47da4d476a798146dfd6 https://git.kernel.org/stable/c/0b3702f9d43d163fd05e43b7d7e22e766dbef329 https://git.kernel.org/stable/c/d2c3645a4a5ae5d933b4116c305d9d82b8199dbf https://git.kernel.org/stable/c/96bf81cc1bd058bb8af6e755a548e926e934dfd1 https://git.kernel.org/stable/c/c5ec2afeeee4c91cebc4eff6d4f1ecf4047259f4 https://git.kernel.org/stable/c/5396a70e8cf462ec5ccf2dc8de103c79de9489e6 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42119 – drm/amd/display: Skip finding free audio for unknown engine_id
https://notcve.org/view.php?id=CVE-2024-42119
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY] ENGINE_ID_UNKNOWN = -1 and can not be used as an array index. Plus, it also means it is uninitialized and does not need free audio. [HOW] Skip and return NULL. This fixes 2 OVERRUN issues reported by Coverity. • https://git.kernel.org/stable/c/9eb4db08a808e3a3ba59193aeb84a57a6dc4d8c9 https://git.kernel.org/stable/c/eacca028a623f608607d02457122ee5284491e18 https://git.kernel.org/stable/c/ffa7bd3ca9cfa902b857d1dc9a5f46fededf86c8 https://git.kernel.org/stable/c/afaaebdee9bb9f26d9e13cc34b33bd0a7bf59488 https://git.kernel.org/stable/c/874261358d31fc772f2823604167e670983cc1ca https://git.kernel.org/stable/c/95ad20ee3c4efbb91f9a4ab08e070aa3697f5879 https://git.kernel.org/stable/c/881fb6afc0004c5e6392ae2848f825bf051dae14 https://git.kernel.org/stable/c/1357b2165d9ad94faa4c4a20d5e2ce29c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42118 – drm/amd/display: Do not return negative stream id for array
https://notcve.org/view.php?id=CVE-2024-42118
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not return negative stream id for array [WHY] resource_stream_to_stream_idx returns an array index and it return -1 when not found; however, -1 is not a valid array index number. [HOW] When this happens, call ASSERT(), and return a zero instead. This fixes an OVERRUN and an NEGATIVE_RETURNS issues reported by Coverity. • https://git.kernel.org/stable/c/a76fa9c4f0fc0aa6f517da3fa7d7c23e8a32c7d0 https://git.kernel.org/stable/c/3ac31c9a707dd1c7c890b95333182f955e9dcb57 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42117 – drm/amd/display: ASSERT when failing to find index by plane/stream id
https://notcve.org/view.php?id=CVE-2024-42117
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: ASSERT when failing to find index by plane/stream id [WHY] find_disp_cfg_idx_by_plane_id and find_disp_cfg_idx_by_stream_id returns an array index and they return -1 when not found; however, -1 is not a valid index number. [HOW] When this happens, call ASSERT(), and return a positive number (which is fewer than callers' array size) instead. This fixes 4 OVERRUN and 2 NEGATIVE_RETURNS issues reported by Coverity. • https://git.kernel.org/stable/c/a9c047a5cf3135b8b66bd28fbe2c698b9cace0b3 https://git.kernel.org/stable/c/01eb50e53c1ce505bf449348d433181310288765 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2024-42116 – igc: fix a log entry using uninitialized netdev
https://notcve.org/view.php?id=CVE-2024-42116
In the Linux kernel, the following vulnerability has been resolved: igc: fix a log entry using uninitialized netdev During successful probe, igc logs this: [ 5.133667] igc 0000:01:00.0 (unnamed net_device) (uninitialized): PHC added ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The reason is that igc_ptp_init() is called very early, even before register_netdev() has been called. So the netdev_info() call works on a partially uninitialized netdev. Fix this by calling igc_ptp_init() after register_netdev(), right after the media autosense check, just as in igb. Add a comment, just as in igb. Now the log message is fine: [ 5.200987] igc 0000:01:00.0 eth0: PHC added • https://git.kernel.org/stable/c/96839f3f588236593de36465f142b0126267f8b6 https://git.kernel.org/stable/c/98c8958980e829f023a490b9a9816ca1fe2f8b79 https://git.kernel.org/stable/c/991f036cabc3d13e886a37faeea1b6800181fdda https://git.kernel.org/stable/c/d478ec838cf2b1e1051a8709cfc744fe1c03110f https://git.kernel.org/stable/c/86167183a17e03ec77198897975e9fdfbd53cb0b •