CVE-2024-47753 – media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning
https://notcve.org/view.php?id=CVE-2024-47753
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdec_vp8_req_if.c. Which leads to a kernel crash when fb is NULL. • https://git.kernel.org/stable/c/7a7ae26fd458397d04421756dd19e5b8cf29a08f https://git.kernel.org/stable/c/dbe5b7373801c261f3ea118145fbb2caac5f9324 https://git.kernel.org/stable/c/35cc704622b3a9bc02a4755d5ba80238eee3cdc2 https://git.kernel.org/stable/c/3167aa42941b68405a092df114453ef0f1b09c2c https://git.kernel.org/stable/c/b113bc7c0e83b32f4dd2d291a2b6c4803e0a2c44 •
CVE-2024-47752 – media: mediatek: vcodec: Fix H264 stateless decoder smatch warning
https://notcve.org/view.php?id=CVE-2024-47752
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_if.c. Which leads to a kernel crash when fb is NULL. • https://git.kernel.org/stable/c/06fa5f757dc5a5687e1cdd13097c3265735f60bf https://git.kernel.org/stable/c/c6b9f971b43980de8893610f606d751131fb5d86 https://git.kernel.org/stable/c/18181b0c1c5bd43846e5e0ae3d61a4a1adceab03 https://git.kernel.org/stable/c/790d1848fac5ac3b1c474f66162598ab07a20c21 https://git.kernel.org/stable/c/7878d3a385efab560dce793b595447867fb163f2 •
CVE-2024-47751 – PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()
https://notcve.org/view.php?id=CVE-2024-47751
In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() Within kirin_pcie_parse_port(), the pcie->num_slots is compared to pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead to an overflow. Thus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move pcie->num_slots increment below the if-statement to avoid out-of-bounds array access. Found by Linux Verification Center (linuxtesting.org) with SVACE. [kwilczynski: commit log] • https://git.kernel.org/stable/c/b22dbbb24571c052364f476381dbac110bdca4d5 https://git.kernel.org/stable/c/a5f795f9412854df28e66679c5e6b68b0b79c229 https://git.kernel.org/stable/c/95248d7497bcbfe7deed4805469c6ff6ddd7f9d1 https://git.kernel.org/stable/c/6dcc5b49d6607a741a14122bf3105f3ac50d259e https://git.kernel.org/stable/c/aeb0335971806e15ac91e838ca471936c8e7efd5 https://git.kernel.org/stable/c/c500a86693a126c9393e602741e348f80f1b0fc5 •
CVE-2024-47750 – RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08
https://notcve.org/view.php?id=CVE-2024-47750
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. During the time interval, users can still dereg MR and rsv_qp will be used in this process, leading to a UAF. Move the release of rsv_qp after calling ib_unregister_device() to fix it. • https://git.kernel.org/stable/c/70f92521584f1d1e8268311ee84413307b0fdea8 https://git.kernel.org/stable/c/2ccf1c75d39949d8ea043d04a2e92d7100ea723d https://git.kernel.org/stable/c/d2d9c5127122745da6e887f451dd248cfeffca33 https://git.kernel.org/stable/c/dac2723d8bfa9cf5333f477741e6e5fa1ed34645 https://git.kernel.org/stable/c/60595923371c2ebe7faf82536c47eb0c967e3425 https://git.kernel.org/stable/c/fd8489294dd2beefb70f12ec4f6132aeec61a4d0 •
CVE-2024-47749 – RDMA/cxgb4: Added NULL check for lookup_atid
https://notcve.org/view.php?id=CVE-2024-47749
In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Added NULL check for lookup_atid The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferencing a null pointer without a check in the `act_establish()` and `act_open_rpl()` functions. Add a NULL check to prevent null pointer dereferencing. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/cfdda9d764362ab77b11a410bb928400e6520d57 https://git.kernel.org/stable/c/b12e25d91c7f97958341538c7dc63ee49d01548f https://git.kernel.org/stable/c/4e1fe68d695af367506ea3c794c5969630f21697 https://git.kernel.org/stable/c/dd598ac57dcae796cb58551074660c39b43fb155 https://git.kernel.org/stable/c/b11318dc8a1ec565300bb1a9073095af817cc508 https://git.kernel.org/stable/c/39cb9f39913566ec5865581135f3e8123ad1aee1 https://git.kernel.org/stable/c/0d50ae281a1712b9b2ca72830a96b8f11882358d https://git.kernel.org/stable/c/54aaa3ed40972511e423b604324b88142 •