CVE-2023-52866 – HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()
https://notcve.org/view.php?id=CVE-2023-52866
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() When CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and then the below user-memory-access bug occurs. In hid_test_uclogic_params_cleanup_event_hooks(),it call uclogic_params_ugee_v2_init_event_hooks() with the first arg=NULL, so when it calls uclogic_params_ugee_v2_has_battery(), the hid_get_drvdata() will access hdev->dev with hdev=NULL, which will cause below user-memory-access. So add a fake_device with quirks member and call hid_set_drvdata() to assign hdev->dev->driver_data which avoids the null-ptr-def bug for drvdata->quirks in uclogic_params_ugee_v2_has_battery(). ... kthread_complete_and_exit+0x20/0x20 ret_from_fork_asm+0x11/0x20 </TASK> Modules linked in: Dumping ftrace buffer: (ftrace buffer empty) ---[ end trace 0000000000000000 ]--- RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600 Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 <80> 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00 RSP: 0000:ffff88810679fc88 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000 RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948 RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0 R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92 R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080 FS: 0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0 DR0: ffffffff8fdd6cf4 DR1: ---truncated--- En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: uclogic: corrige el error de acceso a la memoria del usuario en uclogic_params_ugee_v2_init_event_hooks(). • https://git.kernel.org/stable/c/a251d6576d2a29fc0806ef4775719e3b6e672d91 https://git.kernel.org/stable/c/64da1f6147dac7f8499d4937a0d7ea990bf569e8 https://git.kernel.org/stable/c/6c8f953728d75104d994893f58801c457274335a https://git.kernel.org/stable/c/91cfe0bbaa1c434d4271eb6e1d7aaa1fe8d121f6 •
CVE-2023-52865 – clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data
https://notcve.org/view.php?id=CVE-2023-52865
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt6797: Agregar verificación para mtk_alloc_clk_data Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. • https://git.kernel.org/stable/c/96596aa06628e86ea0e1c08c34b0ccc7619e43ac https://git.kernel.org/stable/c/c26feedbc561f2a3cee1a4f717e61bdbdfb4fa92 https://git.kernel.org/stable/c/4c79cbfb8e9e2311be77182893fda5ea4068c836 https://git.kernel.org/stable/c/2705c5b97f504e831ae1935c05f0e44f80dfa6b3 https://git.kernel.org/stable/c/81b16286110728674dcf81137be0687c5055e7bf https://git.kernel.org/stable/c/3aefc6fcfbada57fac27f470602d5565e5b76cb4 https://git.kernel.org/stable/c/357df1c2f6ace96defd557fad709ed1f9f70e16c https://git.kernel.org/stable/c/be3f12f16038a558f08fa93cc32fa7157 •
CVE-2023-52864 – platform/x86: wmi: Fix opening of char device
https://notcve.org/view.php?id=CVE-2023-52864
In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, which means that private_data will not be NULL when wmi_char_open() is called. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: plataforma/x86: wmi: corrige la apertura del dispositivo char. • https://git.kernel.org/stable/c/44b6b7661132b1b0e5fd3147ded66f1e4a817ca9 https://git.kernel.org/stable/c/cf098e937dd125c0317a0d6f261ac2a950a233d6 https://git.kernel.org/stable/c/9fb0eed09e1470cd4021ff52b2b9dfcbcee4c203 https://git.kernel.org/stable/c/d426a2955e45a95b2282764105fcfb110a540453 https://git.kernel.org/stable/c/e0bf076b734a2fab92d8fddc2b8b03462eee7097 https://git.kernel.org/stable/c/44a96796d25809502c75771d40ee693c2e44724e https://git.kernel.org/stable/c/36d85fa7ae0d6be651c1a745191fa7ef055db43e https://git.kernel.org/stable/c/fb7b06b59c6887659c6ed0ecd3110835e • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2023-52863 – hwmon: (axi-fan-control) Fix possible NULL pointer dereference
https://notcve.org/view.php?id=CVE-2023-52863
In the Linux kernel, the following vulnerability has been resolved: hwmon: (axi-fan-control) Fix possible NULL pointer dereference axi_fan_control_irq_handler(), dependent on the private axi_fan_control_data structure, might be called before the hwmon device is registered. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hwmon: (axi-fan-control) Se corrigió la posible desreferencia del puntero NULL. • https://git.kernel.org/stable/c/8412b410fa5e1e494a0fec84c3c462d49870d3f5 https://git.kernel.org/stable/c/7d870088db4863c514a7f8751cd593751983029a https://git.kernel.org/stable/c/b3e7eb23a6e97642ff3190431c06475d9ca1e062 https://git.kernel.org/stable/c/33de53a2706066d526173dc743faf43d92c62105 https://git.kernel.org/stable/c/f62b8969847850ba7596cb145cc47c65ea57dae0 https://git.kernel.org/stable/c/c49f14cc1bb12c625a1c572e8a95b6adefd4d8eb https://git.kernel.org/stable/c/2a5b3370a1d9750eca325292e291c8c7cb8cf2e0 •
CVE-2023-52862 – drm/amd/display: Fix null pointer dereference in error message
https://notcve.org/view.php?id=CVE-2023-52862
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null pointer dereference in error message This patch fixes a null pointer dereference in the error message that is printed when the Display Core (DC) fails to initialize. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrige la desreferencia del puntero null en el mensaje de error. • https://git.kernel.org/stable/c/9788d087caffd8358d6e14349ee69d9385666719 https://git.kernel.org/stable/c/97ef07182ac46b069bb5e7d46cb903a764d67898 https://git.kernel.org/stable/c/8b72c5d4a5d25e76b16283397c40b8b3c0d70019 https://git.kernel.org/stable/c/0c3601a2fbfb265ce283651480e30c8e60459112 • CWE-476: NULL Pointer Dereference •