CVE-2024-46775 – drm/amd/display: Validate function returns
https://notcve.org/view.php?id=CVE-2024-46775
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns [WHAT & HOW] Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKED_RETURN issues reported by Coverity. • https://git.kernel.org/stable/c/5639a3048c7079803256374204ad55ec52cd0b49 https://git.kernel.org/stable/c/673f816b9e1e92d1f70e1bf5f21b531e0ff9ad6c •
CVE-2024-46774 – powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
https://notcve.org/view.php?id=CVE-2024-46774
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution. • https://git.kernel.org/stable/c/68d8156480940b79227d58865ec5d2947b9384a8 https://git.kernel.org/stable/c/0974d03eb479384466d828d65637814bee6b26d7 •
CVE-2024-46773 – drm/amd/display: Check denominator pbn_div before used
https://notcve.org/view.php?id=CVE-2024-46773
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 1 DIVIDE_BY_ZERO issue reported by Coverity. • https://git.kernel.org/stable/c/20e7164c52d9bfbb9d9862b833fa989624a61345 https://git.kernel.org/stable/c/dfafee0a7b51c7c9612edd2d991401294964d02f https://git.kernel.org/stable/c/11f997143c67680d6e40a13363618380cd57a414 https://git.kernel.org/stable/c/116a678f3a9abc24f5c9d2525b7393d18d9eb58e •
CVE-2024-46772 – drm/amd/display: Check denominator crb_pipes before used
https://notcve.org/view.php?id=CVE-2024-46772
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity. • https://git.kernel.org/stable/c/ede06d23392529b039cf7ac11b5875b047900f1c https://git.kernel.org/stable/c/ea79068d4073bf303f8203f2625af7d9185a1bc6 •
CVE-2024-46762 – xen: privcmd: Fix possible access to a freed kirqfd instance
https://notcve.org/view.php?id=CVE-2024-46762
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() and privcmd_irqfd_deassign(). If that happens, it is possible that a kirqfd created and added to the irqfds_list by privcmd_irqfd_assign() may get removed by another thread executing privcmd_irqfd_deassign(), while the former is still using it after dropping the locks. This can lead to a situation where an already freed kirqfd instance may be accessed and cause kernel oops. Use SRCU locking to prevent the same, as is done for the KVM implementation for irqfds. • https://git.kernel.org/stable/c/e997b357b13a7d95de31681fc54fcc34235fa527 https://git.kernel.org/stable/c/112fd2f02b308564724b8e81006c254d20945c4b https://git.kernel.org/stable/c/611ff1b1ae989a7bcce3e2a8e132ee30e968c557 •