CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50177 – drm/amd/display: fix a UBSAN warning in DML2.1
https://notcve.org/view.php?id=CVE-2024-50177
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursor_width is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as below: [ 40.962845] UBSAN: shift-out-of-bounds in /tmp/amd.EfpumTkO/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3312:34 [ 40.962849] shift exponent 4294967170 is too large for 32-bit typ... • https://git.kernel.org/stable/c/27bc3da5eae57e3af8f5648b4498ffde48781434 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50176 – remoteproc: k3-r5: Fix error handling when power-up failed
https://notcve.org/view.php?id=CVE-2024-50176
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should be initialized. E.g., this could cause the first core to be available but not the second one, leading to crashes on its shutdown later on while trying to dereference that second instance. In the Linux kernel, the following vulnerability has been resolved: remoteproc:... • https://git.kernel.org/stable/c/2a1ec20b174c0f613224c59e694639ac07308b53 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50175 – media: qcom: camss: Remove use_count guard in stop_streaming
https://notcve.org/view.php?id=CVE-2024-50175
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the video pipeline. This is an invalid use of use_count though as use_count pertains to the number of times a video entity has been opened by user-space not the number of active streams. If use_count and stream-on cou... • https://git.kernel.org/stable/c/89013969e23247661f0514c77f26d60fa083216c •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50174 – drm/panthor: Fix race when converting group handle to group object
https://notcve.org/view.php?id=CVE-2024-50174
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race between retrieving the pointer from the XArray and incrementing the reference count. To avoid this race simply hold the internal XArray lock when incrementing the reference count, this ensures there cannot be a racing... • https://git.kernel.org/stable/c/de85488138247d034eb3241840424a54d660926b •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50173 – drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()
https://notcve.org/view.php?id=CVE-2024-50173
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev object from the scheduler instead. In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to r... • https://git.kernel.org/stable/c/d72f049087d4f973f6332b599c92177e718107de •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50172 – RDMA/bnxt_re: Fix a possible memory leak
https://notcve.org/view.php?id=CVE-2024-50172
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the memory allocated for "rdev->chip_ctx". En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: RDMA/bnxt_re: Se corrige una posible pérdida de memoria En bnxt_re_setup_chip_ctx() cuando bnxt_qplib_map_db_bar() falla, el controlador no libera la memoria asignada para "rdev->chip_ctx". In the Linux ke... • https://git.kernel.org/stable/c/0ac20faf5d837b59fb4c041ea320932ed47fd67f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50171 – net: systemport: fix potential memory leak in bcm_sysport_xmit()
https://notcve.org/view.php?id=CVE-2024-50171
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: systemport: corrige una posible pérdida de memoria en bcm_sysport_xmit(). Bcm_sysport_xmit() devuelve NETDEV_TX_OK sin liberar skb en caso de que dma_map_single() falle. Agregue... • https://git.kernel.org/stable/c/80105befdb4b8cea924711b40b2462b87df65b62 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50170 – net: bcmasp: fix potential memory leak in bcmasp_xmit()
https://notcve.org/view.php?id=CVE-2024-50170
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: bcmasp: corrige una posible pérdida de memoria en bcmasp_xmit(). bcmasp_xmit() devuelve NETDEV_TX_OK sin liberar skb en caso de que falle el mapeo, agregue dev_kfree_skb() para solucionarlo. In the Li... • https://git.kernel.org/stable/c/490cb412007de593e07c1d3e2b1ec4233886707c •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50169 – vsock: Update rx_bytes on read_skb()
https://notcve.org/view.php?id=CVE-2024-50169
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we've freed up space and it has more credit. Failing to update rx_bytes after packet is dequeued leads to a warning on SOCK_STREAM recv(): [ 233.396654] rx_queue is empty, but rx_bytes is non-ze... • https://git.kernel.org/stable/c/634f1a7110b439c65fd8a809171c1d2d28bcea6f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50168 – net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
https://notcve.org/view.php?id=CVE-2024-50168
07 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/sun3_82586: corrige una posible pérdida de memoria en sun3_82586_send_packet(). sun3_82586_send_packet() devuelve NETDEV_TX_OK sin liberar skb en caso de que skb->... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •