CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46825 – wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check
https://notcve.org/view.php?id=CVE-2024-46825
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware, so it should use IWL_FW_CHECK() instead of WARN_ON(). In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check The lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is normally called with input from the firmware... • https://git.kernel.org/stable/c/415f3634d53c7fb4cf07d2f5a0be7f2e15e6da33 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46823 – kunit/overflow: Fix UB in overflow_allocation_test
https://notcve.org/view.php?id=CVE-2024-46823
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope. However, it is being used as a driver name when calling 'kunit_driver_create' from 'kunit_device_register'. It produces the kernel panic with KASAN enabled. Since this variable is used in one place only, remove it and pass the device name into kunit_device_register directly as an ascii string. In the... • https://git.kernel.org/stable/c/d1207f07decc66546a7fa463d2f335a856c986ef •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46822 – arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
https://notcve.org/view.php?id=CVE-2024-46822
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map back to the cpu and use that to index into a cpumask. As such, a valid ID is needed. If an MPIDR check fails in acpi_map_gic_cpu_interface() it is possible for the entry in cpu_madt_gicc[cpu] == NULL. This func... • https://git.kernel.org/stable/c/f57769ff6fa7f97f1296965f20e8a2bb3ee9fd0f •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46821 – drm/amd/pm: Fix negative array index read
https://notcve.org/view.php?id=CVE-2024-46821
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang) In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang) Ubuntu Security ... • https://git.kernel.org/stable/c/60f4a4bc3329e5cb8c4df0cc961f0d5ffd96e22d •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46819 – drm/amdgpu: the warning dereferencing obj for nbio_v7_4
https://notcve.org/view.php?id=CVE-2024-46819
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4 if ras_manager obj null, don't print NBIO err data Ubuntu Security Notice 7144-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of se... • https://git.kernel.org/stable/c/614564a5b28983de53b23a358ebe6c483a2aa21e •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46818 – drm/amd/display: Check gpio_id before used as array index
https://notcve.org/view.php?id=CVE-2024-46818
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be ch... • https://git.kernel.org/stable/c/8520fdc8ecc38f240a8e9e7af89cca6739c3e790 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46817 – drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
https://notcve.org/view.php?id=CVE-2024-46817
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. [How] Return failure to amdgpu_dm_init. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why] Coverity reports OVERRUN warning. Should abort amdgpu_dm initialize. • https://git.kernel.org/stable/c/d619b91d3c4af60ac422f1763ce53d721fb91262 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-46816 – drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links
https://notcve.org/view.php?id=CVE-2024-46816
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count could up to AMDGPU_DM_MAX_DISPLAY_INDEX 31. [How] Make sure link count less than max_links. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity repor... • https://git.kernel.org/stable/c/36c39a8dcce210649f2f45f252abaa09fcc1ae87 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46815 – drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
https://notcve.org/view.php?id=CVE-2024-46815
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an OVERRUN issue reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a ... • https://git.kernel.org/stable/c/a72d4996409569027b4609414a14a87679b12267 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46814 – drm/amd/display: Check msg_id before processing transcation
https://notcve.org/view.php?id=CVE-2024-46814
27 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN issues reported by Coverity. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a va... • https://git.kernel.org/stable/c/916083054670060023d3f8a8ace895d710e268f4 •