CVE-2023-52693 – ACPI: video: check for error while searching for backlight device parent
https://notcve.org/view.php?id=CVE-2023-52693
In the Linux kernel, the following vulnerability has been resolved: ACPI: video: check for error while searching for backlight device parent If acpi_get_parent() called in acpi_video_dev_register_backlight() fails, for example, because acpi_ut_acquire_mutex() fails inside acpi_get_parent), this can lead to incorrect (uninitialized) acpi_parent handle being passed to acpi_get_pci_dev() for detecting the parent pci device. Check acpi_get_parent() result and set parent device only in case of success. Found by Linux Verification Center (linuxtesting.org) with SVACE. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ACPI: vídeo: comprueba si hay errores al buscar el dispositivo de retroiluminación principal. ... Encontrado por el Centro de verificación de Linux (linuxtesting.org) con SVACE. • https://git.kernel.org/stable/c/9661e92c10a9775243c1ecb73373528ed8725a10 https://git.kernel.org/stable/c/556f02699d33c1f40b1b31bd25828ce08fa165d8 https://git.kernel.org/stable/c/1e3a2b9b4039bb4d136dca59fb31e06465e056f3 https://git.kernel.org/stable/c/c4e1a0ef0b4782854c9b77a333ca912b392bed2f https://git.kernel.org/stable/c/3a370502a5681986f9828e43be75ce26c6ab24af https://git.kernel.org/stable/c/2124c5bc22948fc4d09a23db4a8acdccc7d21e95 https://git.kernel.org/stable/c/39af144b6d01d9b40f52e5d773e653957e6c379c https://git.kernel.org/stable/c/72884ce4e10417b1233b614bf134da852 •
CVE-2023-52692 – ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()
https://notcve.org/view.php?id=CVE-2023-52692
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ALSA: scarlett2: Añadida verificación de error faltante a scarlett2_usb_set_config() scarlett2_usb_set_config() llama a scarlett2_usb_get() pero no verifica el resultado. • https://git.kernel.org/stable/c/9e15fae6c51a362418f8b3054f1322c54675df94 https://git.kernel.org/stable/c/51d5697e1c0380d482c3eab002bfc8d0be177e99 https://git.kernel.org/stable/c/be96acd3eaa790d10a5b33e65267f52d02f6ad88 https://git.kernel.org/stable/c/996fde492ad9b9563ee483b363af40d7696a8467 https://git.kernel.org/stable/c/145c5aa51486171025ab47f35cff34bff8d0cea3 https://git.kernel.org/stable/c/ca459dfa7d4ed9098fcf13e410963be6ae9b6bf3 •
CVE-2023-52691 – drm/amd/pm: fix a double-free in si_dpm_init
https://notcve.org/view.php?id=CVE-2023-52691
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. However, when the control flow returns to si_dpm_sw_init, it goes to label dpm_failed and calls si_dpm_fini, which calls amdgpu_free_extended_power_table again and free those fields again. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/pm: corrige una double free en si_dpm_init Cuando fallo la asignación de adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries, se llama a amdgpu_free_extended_power_table para liberar algunos campos de adev. • https://git.kernel.org/stable/c/841686df9f7d2942cfd94d024b8591fa3f74ef7c https://git.kernel.org/stable/c/afe9f5b871f86d58ecdc45b217b662227d7890d0 https://git.kernel.org/stable/c/06d95c99d5a4f5accdb79464076efe62e668c706 https://git.kernel.org/stable/c/aeed2b4e4a70c7568d4a5eecd6a109713c0dfbf4 https://git.kernel.org/stable/c/2bf47c89bbaca2bae16581ef1b28aaec0ade0334 https://git.kernel.org/stable/c/f957a1be647f7fc65926cbf572992ec2747a93f2 https://git.kernel.org/stable/c/fb1936cb587262cd539e84b34541abb06e42b2f9 https://git.kernel.org/stable/c/ca8e2e251c65e5a712f6025e27bd9b26d •
CVE-2023-52690 – powerpc/powernv: Add a null pointer check to scom_debug_init_one()
https://notcve.org/view.php?id=CVE-2023-52690
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to avoid memory leaks. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: powerpc/powernv: agregue una verificación de puntero null a scom_debug_init_one() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de fallo. • https://git.kernel.org/stable/c/bfd2f0d49aef8abfe6bf58f12719f39912993cc6 https://git.kernel.org/stable/c/f84c1446daa552e9699da8d1f8375eac0f65edc7 https://git.kernel.org/stable/c/1eefa93faf69188540b08b024794fa90b1d82e8b https://git.kernel.org/stable/c/2a82c4439b903639e0a1f21990cd399fb0a49c19 https://git.kernel.org/stable/c/ed8d023cfa97b559db58c0e1afdd2eec7a83d8f2 https://git.kernel.org/stable/c/dd8422ff271c22058560832fc3006324ded895a9 https://git.kernel.org/stable/c/a9c05cbb6644a2103c75b6906e9dafb9981ebd13 https://git.kernel.org/stable/c/9a260f2dd827bbc82cc60eb4f4d8c2270 •
CVE-2023-52689 – ALSA: scarlett2: Add missing mutex lock around get meter levels
https://notcve.org/view.php?id=CVE-2023-52689
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2_meter_ctl_get() uses meter_level_map[], the data_mutex should be locked while accessing it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: scarlett2: agrega un bloqueo mutex faltante alrededor de los niveles de obtención de medidores. • https://git.kernel.org/stable/c/3473185f31df29ac572be94fdb87ad8267108bec https://git.kernel.org/stable/c/74e3de7cdcc31ce75ab42350ae0946eff62a2da2 https://git.kernel.org/stable/c/993f7b42fa066b055e3a19b7f76ad8157c0927a0 https://access.redhat.com/security/cve/CVE-2023-52689 https://bugzilla.redhat.com/show_bug.cgi?id=2281305 •