Page 440 of 2462 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() In edp_setup_replay(), 'struct dc *dc' & 'struct dmub_replay *replay' was dereferenced before the pointer 'link' & 'replay' NULL check. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:947 edp_setup_replay() warn: variable dereferenced before check 'link' (see line 933) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: se corrigió la diferenciación de variables antes de la verificación NULL en edp_setup_replay() En edp_setup_replay(), se eliminó la referencia a 'struct dc *dc' y 'struct dmub_replay *replay' antes de la comprobación NULL del puntero 'enlace' y 'repetición'. Corrige lo siguiente: drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:947 edp_setup_replay() advertencia: variable desreferenciada antes de marcar 'enlace' (ver línea 933) • https://git.kernel.org/stable/c/22ae604aea14756954e1c00ae653e34d2afd2935 https://git.kernel.org/stable/c/c02d257c654191ecda1dc1af6875d527e85310e7 https://git.kernel.org/stable/c/7073934f5d73f8b53308963cee36f0d389ea857c •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NULL pointer check. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/link/link_dpms.c:905 link_set_dsc_pps_packet() warn: variable dereferenced before check 'dsc' (see line 903) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: se corrigió la verificación de desrefrence tardía 'dsc' en 'link_set_dsc_pps_packet()'. En link_set_dsc_pps_packet(), se eliminó la referencia a 'struct display_stream_compressor *dsc' en un DC_LOGGER_INIT(dsc- >ctx->registrador); antes de la verificación del puntero NULL 'dsc'. Corrige lo siguiente: drivers/gpu/drm/amd/amdgpu/../display/dc/link/link_dpms.c:905 link_set_dsc_pps_packet() advertencia: variable desreferenciada antes de verificar 'dsc' (consulte la línea 903) • https://git.kernel.org/stable/c/6aa5ede6665122f4c8abce3c6eba06b49e54d25c https://git.kernel.org/stable/c/cf656fc7276e5b3709a81bc9d9639459be2b2647 https://git.kernel.org/stable/c/3bb9b1f958c3d986ed90a3ff009f1e77e9553207 •

CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains constant throughout runtime. When resuming from hibernation, the restore kernel allocates a second memory buffer and reprograms the HFI hardware with the new location as part of a normal boot. The location of the second memory buffer may differ from the one allocated by the image kernel. When the restore kernel transfers control to the image kernel, its HFI buffer becomes invalid, potentially leading to memory corruption if the hardware writes to it (the hardware continues to use the buffer from the restore kernel). It is also possible that the hardware "forgets" the address of the memory buffer when resuming from "deep" suspend. Memory corruption may also occur in such a scenario. To prevent the described memory corruption, disable HFI when preparing to suspend or hibernate. Enable it when resuming. Add syscore callbacks to handle the package of the boot CPU (packages of non-boot CPUs are handled via CPU offline). • https://git.kernel.org/stable/c/28f010dc50df0f7987c04112114fcfa7e0803566 https://git.kernel.org/stable/c/019ccc66d56a696a4dfee3bfa2f04d0a7c3d89ee https://git.kernel.org/stable/c/c9d6d63b6c03afaa6f185df249af693a7939577c https://git.kernel.org/stable/c/97566d09fd02d2ab329774bb89a2cdf2267e86d9 https://access.redhat.com/security/cve/CVE-2024-26646 https://bugzilla.redhat.com/show_bug.cgi?id=2271788 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user space when ADC readings fall bellow the thresholds of low limit registers or above the values set in high limit registers. However, to configure iio events and their thresholds, a set of callback functions must be implemented and those were not present until now. The consequence of trying to configure ad7091r-5 events without the proper callback functions was a null pointer dereference in the kernel because the pointers to the callback functions were not set. Implement event configuration callbacks allowing users to read/write event thresholds and enable/disable event generation. Since the event spec structs are generic to AD7091R devices, also move those from the ad7091r-5 driver the base driver so they can be reused when support for ad7091r-2/-4/-8 be added. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iio: adc: ad7091r: permitir a los usuarios configurar eventos de dispositivo Los dispositivos AD7091R-5 son compatibles con el controlador ad7091r-5 junto con el controlador ad7091r-base. Esos controladores declararon eventos iio para notificar al espacio del usuario cuando las lecturas de ADC caen por debajo de los umbrales de los registros de límite bajo o por encima de los valores establecidos en los registros de límite alto. Sin embargo, para configurar los eventos de iio y sus umbrales, se debe implementar un conjunto de funciones de devolución de llamada que no estaban presentes hasta ahora. • https://git.kernel.org/stable/c/ca69300173b642ba64118200172171ea5967b6c5 https://git.kernel.org/stable/c/1eba6f7ffa295a0eec098c107043074be7cc4ec5 https://git.kernel.org/stable/c/49f322ce1f265935f15e5512da69a399f27a5091 https://git.kernel.org/stable/c/137568aa540a9f587c48ff7d4c51cdba08cfe9a4 https://git.kernel.org/stable/c/89c4e63324e208a23098f7fb15c00487cecbfed2 https://git.kernel.org/stable/c/55aca2ce91a63740278502066beaddbd841af9c6 https://git.kernel.org/stable/c/020e71c7ffc25dfe29ed9be6c2d39af7bd7f661f https://lists.debian.org/debian-lts-announce/2024/06/ •

CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Indirection (*) is of lower precedence than postfix increment (++). Logic in napi_poll context would cause an out-of-bound read by first increment the pointer address by byte address space and then dereference the value. Rather, the intended logic was to dereference first and then increment the underlying value. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: se corrigió el error de precedencia de operación en la marca de tiempo del puerto contexto napi_poll La indirección (*) tiene menor prioridad que el incremento de postfijo (++). La lógica en el contexto napi_poll provocaría una lectura fuera de los límites al incrementar primero la dirección del puntero por espacio de direcciones de bytes y luego desreferenciar el valor. Más bien, la lógica prevista era desreferenciar primero y luego incrementar el valor subyacente. • https://git.kernel.org/stable/c/e5d30f7da35720060299483e65fc372980a82dfb https://git.kernel.org/stable/c/92214be5979c0961a471b7eaaaeacab41bdf456c https://git.kernel.org/stable/c/42b11d1293e5a0f932c0b6e891b2c7bae57b839d https://git.kernel.org/stable/c/40e0d0746390c5b0c31144f4f1688d72f3f8d790 https://git.kernel.org/stable/c/33cdeae8c6fb58cc445f859b67c014dc9f60b4e0 https://git.kernel.org/stable/c/3876638b2c7ebb2c9d181de1191db0de8cac143a https://access.redhat.com/security/cve/CVE-2023-52626 https://bugzilla.redhat.com/show_bug.cgi?id=2271680 • CWE-125: Out-of-bounds Read •