CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52698 – calipso: fix memory leak in netlbl_calipso_add_pass()
https://notcve.org/view.php?id=CVE-2023-52698
In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() -> netlbl_calipso_ops_register() function isn't called, and the netlbl_calipso_ops_get() function always returns NULL. In this case, the netlbl_calipso_add_pass() function allocates memory for the doi_def variable but doesn't free it with the calipso_doi_free(). BUG: memory leak unreferenced object 0xffff888011d68180 (size 64): comm "syz-executor.1", pid 10746, jiffies 4295410986 (age 17.928s) hex dump (first 32 bytes): 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<...>] kmalloc include/linux/slab.h:552 [inline] [<...>] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline] [<...>] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111 [<...>] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739 [<...>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<...>] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800 [<...>] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515 [<...>] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811 [<...>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] [<...>] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339 [<...>] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934 [<...>] sock_sendmsg_nosec net/socket.c:651 [inline] [<...>] sock_sendmsg+0x157/0x190 net/socket.c:671 [<...>] ____sys_sendmsg+0x712/0x870 net/socket.c:2342 [<...>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396 [<...>] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429 [<...>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 [<...>] entry_SYSCALL_64_after_hwframe+0x61/0xc6 Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with Syzkaller [PM: merged via the LSM tree at Jakub Kicinski request] En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: calipso: corrige la pérdida de memoria en netlbl_calipso_add_pass() Si la compatibilidad con IPv6 está deshabilitada en el arranque (ipv6.disable=1), no se llama a la función calipso_init() -> netlbl_calipso_ops_register() y la función netlbl_calipso_ops_get() siempre devuelve NULL. ... >] kmalloc include/linux/slab.h:552 [en línea] [<...... >] Entry_SYSCALL_64_after_hwframe+0x61/0xc6 Encontrado por InfoTeCS en nombre del Centro de verificación de Linux (linuxtesting.org) con Syzkaller [PM: fusionado a través del árbol LSM a petición de Jakub Kicinski] • https://git.kernel.org/stable/c/cb72d38211eacda2dd90b09540542b6582da614e https://git.kernel.org/stable/c/9a8f811a146aa2a0230f8edb2e9f4b6609aab8da https://git.kernel.org/stable/c/36e19f84634aaa94f543fedc0a07588949638d53 https://git.kernel.org/stable/c/44a88650ba55e6a7f2ec485d2c2413ba7e216f01 https://git.kernel.org/stable/c/a4529a08d3704c17ea9c7277d180e46b99250ded https://git.kernel.org/stable/c/321b3a5592c8a9d6b654c7c64833ea67dbb33149 https://git.kernel.org/stable/c/408bbd1e1746fe33e51f4c81c2febd7d3841d031 https://git.kernel.org/stable/c/f14d36e6e97fe935a20e0ceb159c100f9 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-52697 – ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL
https://notcve.org/view.php?id=CVE-2023-52697
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and sof_sdw_rt_sdca_jack_exit(). As a result, sof_sdw_rt_sdca_jack_exit() will be called twice by mc_dailink_exit_loop(). ... En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() son usados por diferentes códecs, y algunos de ellos usan el mismo nombre dai. • https://git.kernel.org/stable/c/5360c67046385f90406ec17e367ba9aeb42d5459 https://git.kernel.org/stable/c/a410d58117d6da4b7d41f3c91365f191d006bc3d https://git.kernel.org/stable/c/582231a8c4f73ac153493687ecc1bed853e9c9ef https://git.kernel.org/stable/c/e38e252dbceeef7d2f848017132efd68e9ae1416 https://access.redhat.com/security/cve/CVE-2023-52697 https://bugzilla.redhat.com/show_bug.cgi?id=2281288 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52696 – powerpc/powernv: Add a null pointer check in opal_powercap_init()
https://notcve.org/view.php?id=CVE-2023-52696
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: powerpc/powernv: agregue una verificación de puntero null en opal_powercap_init() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de fallo. • https://git.kernel.org/stable/c/b9ef7b4b867f56114bedbe6bf104cfaba0ca818e https://git.kernel.org/stable/c/9da4a56dd3772570512ca58aa8832b052ae910dc https://git.kernel.org/stable/c/a67a04ad05acb56640798625e73fa54d6d41cce1 https://git.kernel.org/stable/c/6b58d16037217d0c64a2a09b655f370403ec7219 https://git.kernel.org/stable/c/f152a6bfd187f67afeffc9fd68cbe46f51439be0 https://git.kernel.org/stable/c/69f95c5e9220f77ce7c540686b056c2b49e9a664 https://git.kernel.org/stable/c/b02ecc35d01a76b4235e008d2dd292895b28ecab https://git.kernel.org/stable/c/e123015c0ba859cf48aa7f89c5016cc6e • CWE-476: NULL Pointer Dereference •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52695 – drm/amd/display: Check writeback connectors in create_validate_stream_for_sink
https://notcve.org/view.php?id=CVE-2023-52695
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check writeback connectors in create_validate_stream_for_sink [WHY & HOW] This is to check connector type to avoid unhandled null pointer for writeback connectors. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: Verifique los conectores de reescritura en create_validate_stream_for_sink [POR QUÉ Y CÓMO] Esto es para verificar el tipo de conector para evitar punteros nulos no controlados para los conectores de reescritura. • https://git.kernel.org/stable/c/60e034f28600399705d79d4629dddcc301076e54 https://git.kernel.org/stable/c/0fe85301b95077ac4fa4a91909d38b7341e81187 https://git.kernel.org/stable/c/dbf5d3d02987faa0eec3710dd687cd912362d7b5 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52694 – drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function
https://notcve.org/view.php?id=CVE-2023-52694
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function With tpd12s015_remove() marked with __exit this function is discarded when the driver is compiled as a built-in. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/bridge: tpd12s015: Eliminar anotación __exit con errores para eliminar función Con tpd12s015_remove() marcado con __exit, esta función se descarta cuando el controlador se compila como integrado. • https://git.kernel.org/stable/c/cff5e6f7e83f6271ed75972e9a2920e2c7f62d6c https://git.kernel.org/stable/c/53926e2a39629702f7f809d614b3ca89c2478205 https://git.kernel.org/stable/c/08ccff6ece35f08e8107e975903c370d849089e5 https://git.kernel.org/stable/c/81f1bd85960b7a089a91e679ff7cd2524390bbf1 https://git.kernel.org/stable/c/a8657406e12aa10412134622c58977ac657f16d2 https://git.kernel.org/stable/c/e00ec5901954d85b39b5f10f94e60ab9af463eb1 https://git.kernel.org/stable/c/ce3e112e7ae854249d8755906acc5f27e1542114 https://lists.debian.org/debian-lts-announce/2024/06/ •