CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52795 – vhost-vdpa: fix use after free in vhost_vdpa_probe()
https://notcve.org/view.php?id=CVE-2023-52795
In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhost_vdpa_probe() The put_device() calls vhost_vdpa_release_dev() which calls ida_simple_remove() and frees "v". ... En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: vhost-vdpa: corrige el use after free en vhost_vdpa_probe(). • https://git.kernel.org/stable/c/ebe6a354fa7e0a7d5b581da31ad031b19d8693f9 https://git.kernel.org/stable/c/c0f8b8fb7df9d1a38652eb5aa817afccd3c56111 https://git.kernel.org/stable/c/ae8ea4e200675a940c365b496ef8e3fb4123601c https://git.kernel.org/stable/c/bf04132cd64ccde4e9e9765d489c83fe83c09b7f https://git.kernel.org/stable/c/e07754e0a1ea2d63fb29574253d1fd7405607343 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52794 – thermal: intel: powerclamp: fix mismatch in get function for max_idle
https://notcve.org/view.php?id=CVE-2023-52794
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for max_idle KASAN reported this [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90 [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105 ... [ 444.853442] The buggy address belongs to the variable: [ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp] There is a mismatch between the param_get_int and the definition of max_idle. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: térmica: intel: powerclamp: corrige la falta de coincidencia en la función get para max_idle KASAN informó esto [444.853098] BUG: KASAN: global-fuera de los límites en param_get_int+0x77/0x90 [444.853111 ] Lectura de tamaño 4 en addr ffffffffc16c9220 por tarea cat/2105... [444.853442] La dirección con errores pertenece a la variable: [444.853443] max_idle+0x0/0xffffffffffffffcde0 [intel_powerclamp] Hay una discrepancia entre param_get_int y la definición de max_idle . • https://git.kernel.org/stable/c/ebf519710218814cf827adbf9111af081344c969 https://git.kernel.org/stable/c/6a3866dbdcf39ac93e98708e6abced511733dc18 https://git.kernel.org/stable/c/0a8585281b11e3a0723bba8d8085d61f0b55f37c https://git.kernel.org/stable/c/fae633cfb729da2771b5433f6b84ae7e8b4aa5f7 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52792 – cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails
https://notcve.org/view.php?id=CVE-2023-52792
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails Commit 5e42bcbc3fef ("cxl/region: decrement ->nr_targets on error in cxl_region_attach()") tried to avoid 'eiw' initialization errors when ->nr_targets exceeded 16, by just decrementing ->nr_targets when cxl_region_setup_targets() failed. Commit 86987c766276 ("cxl/region: Cleanup target list on attach error") extended that cleanup to also clear cxled->pos and p->targets[pos]. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cxl/region: no intente realizar la limpieza después de que cxl_region_setup_targets() falle. • https://git.kernel.org/stable/c/5e42bcbc3fef6e759dfb4d3f4cfb394c382b4249 https://git.kernel.org/stable/c/90db4c1d5ebaf574d3c3065c055977982c378a83 https://git.kernel.org/stable/c/9090c5537c93cd0811ab7bfbd925b57addfffb60 https://git.kernel.org/stable/c/07ffcd8ec79cf7383e1e45815f4842fd357991c2 https://git.kernel.org/stable/c/0718588c7aaa7a1510b4de972370535b61dddd0d •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52791 – i2c: core: Run atomic i2c xfer when !preemptible
https://notcve.org/view.php?id=CVE-2023-52791
In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: core: ejecute atomic i2c xfer cuando ! • https://git.kernel.org/stable/c/bae1d3a05a8b99bd748168bbf8155a1d047c562e https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809 https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0 https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1 https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91 https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37 • CWE-459: Incomplete Cleanup •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52790 – swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC
https://notcve.org/view.php?id=CVE-2023-52790
In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC Limit the free list length to the size of the IO TLB. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: swiotlb: corrige asignaciones de TLB fuera de los límites con CONFIG_SWIOTLB_DYNAMIC Limita la longitud de la lista libre al tamaño del IO TLB. • https://git.kernel.org/stable/c/79636caad3618e2b38457f6e298c9b31ba82b489 https://git.kernel.org/stable/c/ce7612496a4ba6068bc68aa1fa9d947dadb4ad9b https://git.kernel.org/stable/c/53c87e846e335e3c18044c397cc35178163d7827 •