CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52806 – ALSA: hda: Fix possible null-ptr-deref when assigning a stream
https://notcve.org/view.php?id=CVE-2023-52806
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attemp... • https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52805 – jfs: fix array-index-out-of-bounds in diAlloc
https://notcve.org/view.php?id=CVE-2023-52805
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. ... En el kernel de Linux, se... • https://git.kernel.org/stable/c/2308d0fb0dc32446b4e6ca37cd09c30374bb64e9 •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52804 – fs/jfs: Add validity check for db_maxag and db_agpref
https://notcve.org/view.php?id=CVE-2023-52804
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there is currently no validity check for db_maxag and db_agpref, which can lead to errors. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Add validity check for db_maxag and db_agpref Both db_maxag and db_agpref are used as the index of the db_agfree array, but there i... • https://git.kernel.org/stable/c/a0649e2dd4a3595b5595a29d0064d047c2fae2fb •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52803 – SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
https://notcve.org/view.php?id=CVE-2023-52803
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpc_remove_pipedir() workqueue,which takes care about pipefs superblock locking. In some special scenarios, when kernel frees the pipefs sb of the current client and immediately alloctes a new pipefs sb, rpc_remove_pipedir function would misjudge the existence of pipefs sb which is not the one it used to hold. ... • https://git.kernel.org/stable/c/0157d021d23a087eecfa830502f81cfe843f0d16 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52801 – iommufd: Fix missing update of domains_itree after splitting iopt_area
https://notcve.org/view.php?id=CVE-2023-52801
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area In iopt_area_split(), if the original iopt_area has filled a domain and is linked to domains_itree, pages_nodes have to be properly reinserted. In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area In iopt_area_split(), if the original iopt_area has filled a domain and is l... • https://git.kernel.org/stable/c/51fe6141f0f64ae0bbc096a41a07572273e8c0ef • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52800 – wifi: ath11k: fix htt pktlog locking
https://notcve.org/view.php?id=CVE-2023-52800
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was no... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d • CWE-413: Improper Resource Locking CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52799 – jfs: fix array-index-out-of-bounds in dbFindLeaf
https://notcve.org/view.php?id=CVE-2023-52799
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtree_t for sufficient free blocks there is an array out of bounds while getting element in tp->dm_stree. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtree_t for sufficient free blocks there is an array out of bounds while getting element in tp->... • https://git.kernel.org/stable/c/20f9310a18e3e99fc031e036fcbed67105ae1859 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52798 – wifi: ath11k: fix dfs radar event locking
https://notcve.org/view.php?id=CVE-2023-52798
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code calling ath11k_mac_get_ar... • https://git.kernel.org/stable/c/d5c65159f2895379e11ca13f62feabe93278985d • CWE-416: Use After Free •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52797 – drivers: perf: Check find_first_bit() return value
https://notcve.org/view.php?id=CVE-2023-52797
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check find_first_bit() return value We must check the return value of find_first_bit() before using the return value as an index array since it happens to overflow the array and then panic: [ 107.318430] Kernel BUG [#1] [ 107.319434] CPU: 3 PID: 1238 Comm: kill Tainted: G E 6.6.0-rc6ubuntu-defconfig #2 [ 107.319465] Hardware name: riscv-virtio,qemu (DT) [ 107.319551] epc : pmu_sbi_ovf_handler+0x3a4/0x3ae [ 107.319840] ... • https://git.kernel.org/stable/c/4905ec2fb7e6421c14c9fb7276f5aa92f60f2b98 •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52796 – ipvlan: add ipvlan_route_v6_outbound() helper
https://notcve.org/view.php?id=CVE-2023-52796
21 May 2024 — BUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000) stack guard page: 0000 [#1] SMP KASAN CPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023 RIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188 Code: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 <41> 57 41 56 41 55... • https://git.kernel.org/stable/c/2ad7bf3638411cb547f2823df08166c13ab04269 • CWE-121: Stack-based Buffer Overflow •