Page 686 of 4329 results (0.013 seconds)

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource. Addresses-Coverity: Dereference null return value En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: memoria: renesas-rpc-if: corrige posible desreferencia del puntero NULL del recurso Platform_get_resource_byname() puede devolver NULL, que sería inmediatamente desreferenciado por Resource_size(). En su lugar, elimine la referencia después de validar el recurso. Direcciones-Cobertura: Desreferencia valor de retorno nulo • https://git.kernel.org/stable/c/ca7d8b980b67f133317525c4273e144116ee1ae5 https://git.kernel.org/stable/c/71bcc1b4a1743534d8abdcb57ff912e6bc390438 https://git.kernel.org/stable/c/e16acc3a37f09e18835dc5d8014942c2ef6ca957 https://git.kernel.org/stable/c/a74cb41af7dbe019e4096171f8bc641c7ce910ad https://git.kernel.org/stable/c/59e27d7c94aa02da039b000d33c304c179395801 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info" variable is added to the &vmbus_connection.chn_msg_list, but the error handling frees "open_info" without removing it from the list. This will result in a use after free. First remove it from the list, and then free it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Controladores: hv: vmbus: Usar después de liberar en __vmbus_open() La variable "open_info" se agrega a &vmbus_connection.chn_msg_list, pero el manejo de errores libera "open_info" sin eliminarlo de la lista. Esto resultará en un uso posterior gratuito. • https://git.kernel.org/stable/c/6f3d791f300618caf82a2be0c27456edd76d5164 https://git.kernel.org/stable/c/6b32d45bd59982751beb8220e442b40b2706647f https://git.kernel.org/stable/c/d5c7b42c9f56ca46b286daa537d181bd7f69214f https://git.kernel.org/stable/c/f37dd5d1b5d38a79a4f7b8dd7bbb705505f05560 https://git.kernel.org/stable/c/2728f289b3270b0e273292b46c534421a33bbfd5 https://git.kernel.org/stable/c/3e9bf43f7f7a46f21ec071cb47be92d0874c48da •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op When handling op->addr, it is using the buffer "tmpbuf" which has been freed. This will trigger a use-after-free KASAN warning. Let's use temporary variables to store op->addr.val and op->cmd.opcode to fix this issue. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: spi-zynqmp-gqspi: corrige use-after-free en zynqmp_qspi_exec_op Al manejar op->addr, se utiliza el buffer "tmpbuf" que ha sido liberado. Esto activará una advertencia de KASAN de use-after-free. • https://git.kernel.org/stable/c/1c26372e5aa9e53391a1f8fe0dc7cd93a7e5ba9e https://git.kernel.org/stable/c/1231279389b5e638bc3b66b9741c94077aed4b5a https://git.kernel.org/stable/c/d67e0d6bd92ebbb0294e7062bbf5cdc773764e62 https://git.kernel.org/stable/c/23269ac9f123eca3aea7682d3345c02e71ed696c https://git.kernel.org/stable/c/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58 •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode, so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping. In addition, if dma_map_single fails, it should return immediately instead of continuing doing the DMA operation which bases on invalid address. This fixes the following crash which occurs in reading a big block from flash: [ 123.633577] zynqmp-qspi ff0f0000.spi: swiotlb buffer is full (sz: 4194304 bytes), total 32768 (slots), used 0 (slots) [ 123.644230] zynqmp-qspi ff0f0000.spi: ERR:rxdma:memory not mapped [ 123.784625] Unable to handle kernel paging request at virtual address 00000000003fffc0 [ 123.792536] Mem abort info: [ 123.795313] ESR = 0x96000145 [ 123.798351] EC = 0x25: DABT (current EL), IL = 32 bits [ 123.803655] SET = 0, FnV = 0 [ 123.806693] EA = 0, S1PTW = 0 [ 123.809818] Data abort info: [ 123.812683] ISV = 0, ISS = 0x00000145 [ 123.816503] CM = 1, WnR = 1 [ 123.819455] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000805047000 [ 123.825887] [00000000003fffc0] pgd=0000000803b45003, p4d=0000000803b45003, pud=0000000000000000 [ 123.834586] Internal error: Oops: 96000145 [#1] PREEMPT SMP En el kernel de Linux, se resolvió la siguiente vulnerabilidad: spi: spi-zynqmp-gqspi: devuelve -ENOMEM si falla dma_map_single El controlador spi admite espacio de direcciones de 44 bits en AXI en modo DMA, por lo tanto, configure el ancho de dma_addr_t en 44 bits para Evite el uso de un mapeo swiotlb. Además, si dma_map_single falla, debería regresar inmediatamente en lugar de continuar realizando la operación DMA que se basa en una dirección no válida. Esto corrige el siguiente fallo que se produce al leer un bloque grande desde flash: [123.633577] zynqmp-qspi ff0f0000.spi: el búfer swiotlb está lleno (tamaño: 4194304 bytes), total 32768 (ranuras), usado 0 (ranuras) [123.644230] zynqmp-qspi ff0f0000.spi: ERR:rxdma:memoria no asignada [123.784625] No se puede manejar la solicitud de paginación del kernel en la dirección virtual 00000000003fffc0 [123.792536] Información de cancelación de memoria: [123.795313] ESR = 0x96000145 [1 23.798351] EC = 0x25: DABT (actual EL), IL = 32 bits [ 123.803655] SET = 0, FnV = 0 [ 123.806693] EA = 0, S1PTW = 0 [ 123.809818] Información de cancelación de datos: [ 123.812683] ISV = 0, ISS = 0x00000145 [ 123.816503] CM = 1 , WnR = 1 [ 123.819455] tabla de páginas de usuario: 4k páginas, VA de 48 bits, pgdp=0000000805047000 [ 123.825887] [00000000003fffc0] pgd=0000000803b45003, p4d=000000080 3b45003, pud=0000000000000000 [123.834586] Error interno: Ups: 96000145 [#1 ] ADVERTENCIA SMP • https://git.kernel.org/stable/c/1c26372e5aa9e53391a1f8fe0dc7cd93a7e5ba9e https://git.kernel.org/stable/c/5980a3b9c933408bc22b0e349b78c3ebd7cbf880 https://git.kernel.org/stable/c/c26c026eb496261dbc0adbf606cc81989cd2038c https://git.kernel.org/stable/c/bad5a23cf2b477fa78b85fd392736dae09a1e818 https://git.kernel.org/stable/c/126bdb606fd2802454e6048caef1be3e25dd121e •

CVSS: -EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix off by one in hdmi_14_process_transaction() The hdcp_i2c_offsets[] array did not have an entry for HDCP_MESSAGE_ID_WRITE_CONTENT_STREAM_TYPE so it led to an off by one read overflow. I added an entry and copied the 0x0 value for the offset from similar code in drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. I also declared several of these arrays as having HDCP_MESSAGE_ID_MAX entries. This doesn't change the code, but it's just a belt and suspenders approach to try future proof the code. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: corrección por uno en hdmi_14_process_transaction() La matriz hdcp_i2c_offsets[] no tenía una entrada para HDCP_MESSAGE_ID_WRITE_CONTENT_STREAM_TYPE, por lo que provocó un desbordamiento de lectura desactivado por uno. Agregué una entrada y copié el valor 0x0 para el desplazamiento de un código similar en drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c. • https://git.kernel.org/stable/c/4c283fdac08abf3211533f70623c90a34f41d08d https://git.kernel.org/stable/c/403c4528e5887af3deb9838cb77a557631d1e138 https://git.kernel.org/stable/c/6a58310d5d1e5b02d0fc9b393ba540c9367bced5 https://git.kernel.org/stable/c/080bd41d6478a64edf96704fddcda52b1fd5fed7 https://git.kernel.org/stable/c/8e6fafd5a22e7a2eb216f5510db7aab54cc545c1 •