CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50181 – clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D
https://notcve.org/view.php?id=CVE-2024-50181
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D For i.MX7D DRAM related mux clock, the clock source change should ONLY be done done in low level asm code without accessing DRAM, and then calling clk API to sync the HW clock status with clk tree, it should never touch real clock source switch via clk API, so CLK_SET_PARENT_GATE flag should NOT be added, otherwise, DRAM's clock parent will be disabled when DRAM is active, and s... • https://git.kernel.org/stable/c/b677b94a9193ec7b6607bd1255172ae59174a382 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50180 – fbdev: sisfb: Fix strbuf array overflow
https://notcve.org/view.php?id=CVE-2024-50180
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the array contains non-digit characters. Then, when executing sprintf(strbuf, "%ux%ux8", xres, yres); more than 16 bytes will be written to strbuf. It is suggested to increase the size of the strbuf array to 24. Found by Linux Verifica... • https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2024-50179 – ceph: remove the incorrect Fw reference check when dirtying pages
https://notcve.org/view.php?id=CVE-2024-50179
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference. Ubuntu Security Notice 7166-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/5dda377cf0a6bd43f64a3c1efb670d7c668e7b29 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50178 – cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request()
https://notcve.org/view.php?id=CVE-2024-50178
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() Use raw_smp_processor_id() instead of plain smp_processor_id() in do_service_request(), otherwise we may get some errors with the driver enabled: BUG: using smp_processor_id() in preemptible [00000000] code: (udev-worker)/208 caller is loongson3_cpufreq_probe+0x5c/0x250 [loongson3_cpufreq] • https://git.kernel.org/stable/c/2f78e4a6d2702ac03c2bf2ed3a0e344e1fa9f967 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50177 – drm/amd/display: fix a UBSAN warning in DML2.1
https://notcve.org/view.php?id=CVE-2024-50177
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursor_width is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as below: [ 40.962845] UBSAN: shift-out-of-bounds in /tmp/amd.EfpumTkO/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3312:34 [ 40.962849] shift exponent 4294967170 is too large for 32-... • https://git.kernel.org/stable/c/27bc3da5eae57e3af8f5648b4498ffde48781434 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50176 – remoteproc: k3-r5: Fix error handling when power-up failed
https://notcve.org/view.php?id=CVE-2024-50176
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should be initialized. E.g., this could cause the first core to be available but not the second one, leading to crashes on its shutdown later on while trying to dereference that second instance. • https://git.kernel.org/stable/c/2a1ec20b174c0f613224c59e694639ac07308b53 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50175 – media: qcom: camss: Remove use_count guard in stop_streaming
https://notcve.org/view.php?id=CVE-2024-50175
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the video pipeline. This is an invalid use of use_count though as use_count pertains to the number of times a video entity has been opened by user-space not the number of active streams. If use_count and stream-on... • https://git.kernel.org/stable/c/89013969e23247661f0514c77f26d60fa083216c •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50172 – RDMA/bnxt_re: Fix a possible memory leak
https://notcve.org/view.php?id=CVE-2024-50172
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the memory allocated for "rdev->chip_ctx". En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/bnxt_re: Se corrige una posible pérdida de memoria En bnxt_re_setup_chip_ctx() cuando bnxt_qplib_map_db_bar() falla, el controlador no libera la memoria asignada para "rdev->chip_ctx". • https://git.kernel.org/stable/c/0ac20faf5d837b59fb4c041ea320932ed47fd67f •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50171 – net: systemport: fix potential memory leak in bcm_sysport_xmit()
https://notcve.org/view.php?id=CVE-2024-50171
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: systemport: corrige una posible pérdida de memoria en bcm_sysport_xmit(). Bcm_sysport_xmit() devuelve NETDEV_TX_OK sin liberar skb en caso de que dma_map_single() falle. Agreg... • https://git.kernel.org/stable/c/80105befdb4b8cea924711b40b2462b87df65b62 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50170 – net: bcmasp: fix potential memory leak in bcmasp_xmit()
https://notcve.org/view.php?id=CVE-2024-50170
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: bcmasp: corrige una posible pérdida de memoria en bcmasp_xmit(). bcmasp_xmit() devuelve NETDEV_TX_OK sin liberar skb en caso de que falle el mapeo, agregue dev_kfree_skb() para solucionarlo. • https://git.kernel.org/stable/c/490cb412007de593e07c1d3e2b1ec4233886707c •