CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50058 – serial: protect uart_port_dtr_rts() in uart_shutdown() too
https://notcve.org/view.php?id=CVE-2024-50058
In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected "uart_port_dtr_rts(uport, false);" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports. Or it cannot be NULL at this point at all for some reason :P. Until the above is investigated, stay on the safe side and move this dereference to the if too. I got this inconsistency from Coverity under CID 1585130. Thanks. • https://git.kernel.org/stable/c/e418d91195d29d5f9c9685ff309b92b04b41dc40 https://git.kernel.org/stable/c/76ed24a34223bb2c6b6162e1d8389ec4e602a290 https://git.kernel.org/stable/c/602babaa84d627923713acaf5f7e9a4369e77473 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50057 – usb: typec: tipd: Free IRQ only if it was requested before
https://notcve.org/view.php?id=CVE-2024-50057
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fixes the warning caused by the tps6598x module removal: WARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c ... ... Call trace: devm_free_irq+0x80/0x8c tps6598x_remove+0x28/0x88 [tps6598x] i2c_device_remove+0x2c/0x9c device_remove+0x4c/0x80 device_release_driver_internal+0x1cc/0x228 driver_detach+0x50/0x98 bus_remove_driver+0x6c/0xbc driver_unregister+0x30/0x60 i2c_del_driver+0x54/0x64 tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x] __arm64_sys_delete_module+0x184/0x264 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0xc8/0xe8 do_el0_svc+0x20/0x2c el0_svc+0x28/0x98 el0t_64_sync_handler+0x13c/0x158 el0t_64_sync+0x190/0x194 • https://git.kernel.org/stable/c/b72bf5cade51ba4055c8a8998d275e72e6b521ce https://git.kernel.org/stable/c/4d4b23c119542fbaed2a16794d3801cb4806ea02 https://git.kernel.org/stable/c/db63d9868f7f310de44ba7bea584e2454f8b4ed0 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50056 – usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c
https://notcve.org/view.php?id=CVE-2024-50056
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix() error: 'fmtdesc' dereferencing possible ERR_PTR() drivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format() error: 'fmtdesc' dereferencing possible ERR_PTR() Also, fix similar issue in uvc_v4l2_try_format() for potential dereferencing of ERR_PTR(). • https://git.kernel.org/stable/c/cedeb36c3ff4acd0f3d09918dfd8ed1df05efdd6 https://git.kernel.org/stable/c/a7bb96b18864225a694e3887ac2733159489e4b0 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50055 – driver core: bus: Fix double free in driver API bus_register()
https://notcve.org/view.php?id=CVE-2024-50055
In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the first free. • https://git.kernel.org/stable/c/d885c464c25018b81a6b58f5d548fc2e3ef87dd1 https://git.kernel.org/stable/c/9ce15f68abedfae7ae0a35e95895aeddfd0f0c6a https://git.kernel.org/stable/c/bfa54a793ba77ef696755b66f3ac4ed00c7d1248 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50049 – drm/amd/display: Check null pointer before dereferencing se
https://notcve.org/view.php?id=CVE-2024-50049
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fixes 1 FORWARD_NULL issue reported by Coverity. • https://git.kernel.org/stable/c/f4149eec960110ffd5bcb161075dd9f1d7773075 https://git.kernel.org/stable/c/c643ef59390e49f1dfab35e8ea65f5db5e527d64 https://git.kernel.org/stable/c/97a79933fb08a002ba9400d1a7a5df707ecdb896 https://git.kernel.org/stable/c/65b2d49e55fe13ae56da3a7685bdccadca31134a https://git.kernel.org/stable/c/a9b4fd1946678fa0e069e442f3c5a7d3fa446fac https://git.kernel.org/stable/c/ff599ef6970ee000fa5bc38d02fa5ff5f3fc7575 •