CVE-2023-52811 – scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool
https://notcve.org/view.php?id=CVE-2023-52811
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: ibmvfc: Eliminar BUG_ON en el caso de un grupo de eventos vacío. • https://git.kernel.org/stable/c/e1d1f79b1929dce470a5dc9281c574cd58e8c6c0 https://git.kernel.org/stable/c/88984ec4792766df5a9de7a2ff2b5f281f94c7d4 https://git.kernel.org/stable/c/d2af4ef80601224b90630c1ddc7cd2c7c8ab4dd8 https://git.kernel.org/stable/c/8bbe784c2ff28d56ca0c548aaf3e584edc77052d https://git.kernel.org/stable/c/b39f2d10b86d0af353ea339e5815820026bca48f https://access.redhat.com/security/cve/CVE-2023-52811 https://bugzilla.redhat.com/show_bug.cgi?id=2282743 • CWE-476: NULL Pointer Dereference •
CVE-2023-52810 – fs/jfs: Add check for negative db_l2nbperpage
https://notcve.org/view.php?id=CVE-2023-52810
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add check for negative db_l2nbperpage l2nbperpage is log2(number of blks per page), and the minimum legal value should be 0, not negative. In the case of l2nbperpage being negative, an error will occur when subsequently used as shift exponent. Syzbot reported this bug: UBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12 shift exponent -16777216 is negative En el kernel de Linux, se resolvió la siguiente vulnerabilidad: fs/jfs: agregue verificación para db_l2nbperpage negativo, l2nbperpage es log2 (número de bloques por página) y el valor mínimo legal debe ser 0, no negativo. • https://git.kernel.org/stable/c/cc61fcf7d1c99f148fe8ddfb5c6ed0bb75861f01 https://git.kernel.org/stable/c/8f2964df6bfce9d92d81ca552010b8677af8d9dc https://git.kernel.org/stable/c/a81a56b4cbe3142cc99f6b98e8f9b3a631c768e1 https://git.kernel.org/stable/c/524b4f203afcf87accfe387e846f33f916f0c907 https://git.kernel.org/stable/c/5f148b16972e5f4592629b244d5109b15135f53f https://git.kernel.org/stable/c/0cb567e727339a192f9fd0db00781d73a91d15a6 https://git.kernel.org/stable/c/491085258185ffc4fb91555b0dba895fe7656a45 https://git.kernel.org/stable/c/1a7c53fdea1d189087544d9a606d249e9 • CWE-1335: Incorrect Bitwise Shift of Integer •
CVE-2023-52809 – scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
https://notcve.org/view.php?id=CVE-2023-52809
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and would cause a NULL pointer dereference. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: libfc: corrigió la posible desreferencia del puntero NULL en fc_lport_ptp_setup() fc_lport_ptp_setup() no verificó el valor de retorno de fc_rport_create() que puede devolver NULL y causaría una desreferencia del puntero NULL. • https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00 https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01 https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34 https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84c • CWE-476: NULL Pointer Dereference •
CVE-2023-52808 – scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs
https://notcve.org/view.php?id=CVE-2023-52808
In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debugfs_dir is not set to NULL. debugfs_remove_recursive() will be called again during device removal. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: hisi_sas: establezca el puntero debugfs_dir en NULL después de eliminar debugfs. • https://git.kernel.org/stable/c/f0bfc8a5561fb0b2c48183dcbfe00bdd6d973bd3 https://git.kernel.org/stable/c/33331b265aac9441ac0c1a5442e3f05d038240ec https://git.kernel.org/stable/c/75a2656260fe8c7eeabda6ff4600b29e183f48db https://git.kernel.org/stable/c/b4465009e7d60c6111946db4c8f1e50d401ed7be https://git.kernel.org/stable/c/6de426f9276c448e2db7238911c97fb157cb23be •
CVE-2023-52807 – net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs
https://notcve.org/view.php?id=CVE-2023-52807
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs The hns3 driver define an array of string to show the coalesce info, but if the kernel adds a new mode or a new state, out-of-bounds access may occur when coalesce info is read via debugfs, this patch fix the problem. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: se puede corregir el acceso fuera de los límites cuando se lee la información fusionada a través de debugfs. • https://git.kernel.org/stable/c/c99fead7cb07979f5db38035ccb5f02ad2c7106a https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09 https://git.kernel.org/stable/c/be1f703f39efa27b7371b9a4cd983317f1366792 https://git.kernel.org/stable/c/f79d985c69060047426be68b7e4c1663d5d731b4 https://git.kernel.org/stable/c/53aba458f23846112c0d44239580ff59bc5c36c3 •