CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-44931 – gpio: prevent potential speculation leaks in gpio_device_get_desc()
https://notcve.org/view.php?id=CVE-2024-44931
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpio_ioctl() with an offset out of range. Offset is copied from user and then used as an array index to get the gpio descriptor without sanitization in gpio_device_get_desc(). This change ensures that the offset is sanitized by using array_index_nospec() to... • https://git.kernel.org/stable/c/18504710442671b02d00e6db9804a0ad26c5a479 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-43914 – md/raid5: avoid BUG_ON() while continue reshape after reassembling
https://notcve.org/view.php?id=CVE-2024-43914
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUG_ON() can be triggerred by the test: kernel BUG at drivers/md/raid5.c:6278! invalid opcode: 0000 [#1] PREEMPT SMP PTI irq event stamp: 158985 CPU: 6 PID: 891 Comm: md0_reshape Not tainted 6.9.0-03335-g7592a0b0049a #94 RIP: 0010:reshape_request+0... • https://git.kernel.org/stable/c/2c92f8c1c456d556f15cbf51667b385026b2e6a0 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43912 – wifi: nl80211: disallow setting special AP channel widths
https://notcve.org/view.php?id=CVE-2024-43912
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz channel width progression, and switching around in S1G or narrow channels isn't supported. Disallow that. In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: disallow setting special AP channel widths Setting the AP channel width is meant for use with the normal 20/40/... MHz ch... • https://git.kernel.org/stable/c/3d42f2125f6c89e1e71c87b9f23412afddbba45e •
CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43911 – wifi: mac80211: fix NULL dereference at band check in starting tx ba session
https://notcve.org/view.php?id=CVE-2024-43911
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated. They don't point to vif->bss_conf. So, there will be no chanreq assigned to vif->bss_conf and then the chan will be NULL. Tweak the code to check ht_supported/vht_supported/has_he/has_eht on sta deflink. Crash log (with rtw89 version under MLO development): [ 9890.526087] BUG: kernel NULL pointer der... • https://git.kernel.org/stable/c/0acaf4a5025d6dafb7da787d2d4c47ed95e46ed6 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43909 – drm/amdgpu/pm: Fix the null pointer dereference for smu7
https://notcve.org/view.php?id=CVE-2024-43909
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. Andy Nguyen discovered that the Bluetooth L2CAP ... • https://git.kernel.org/stable/c/37b9df457cbcf095963d18f17d6cb7dfa0a03fce •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-43908 – drm/amdgpu: Fix the null pointer dereference to ras_manager
https://notcve.org/view.php?id=CVE-2024-43908
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it Ubuntu Security Notice 7154-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. • https://git.kernel.org/stable/c/ff5c4eb71ee8951c789b079f6e948f86708b04ed •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-43907 – drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules
https://notcve.org/view.php?id=CVE-2024-43907
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference Ubuntu Security Notice 7156-1 - Chenyuan Yang discovered that the USB Gadget subsystem in th... • https://git.kernel.org/stable/c/c1749313f35b98e2e655479f037db37f19756622 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-43905 – drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr
https://notcve.org/view.php?id=CVE-2024-43905
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr Check return value and conduct null pointer handling to avoid null pointer dereference. Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the... • https://git.kernel.org/stable/c/2ac9deb7e087f0b461c3559d9eaa6b9cf19d3fa8 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43904 – drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing
https://notcve.org/view.php?id=CVE-2024-43904
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimizations function. These variables were previously assumed to be null at line 922, but they were used later in the code without checking if they were null. This could potentially lead to a null pointer dereference, which would cause a crash. The null checks ensu... • https://git.kernel.org/stable/c/5e84eda48ffb2363437db44bbd0235594f8a58f9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-43902 – drm/amd/display: Add null checker before passing variables
https://notcve.org/view.php?id=CVE-2024-43902
26 Aug 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity. Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Blu... • https://git.kernel.org/stable/c/d0b8b23b9c2ebec693a36fea518d8f13493ad655 •