CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36024 – drm/amd/display: Disable idle reallow as part of command/gpint execution
https://notcve.org/view.php?id=CVE-2024-36024
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and touch the INBOX1 RPTR causing a HW hang. [How] Disable the reallow to ensure that we have enough of a gap between entry and exit and we're not seeing back-to-back wake_and_executes. En el kernel de Linux, se resol... • https://git.kernel.org/stable/c/2aac387445610d6dfd681f5214388e86f5677ef7 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36023 – Julia Lawall reported this null pointer dereference, this should fix it.
https://notcve.org/view.php?id=CVE-2024-36023
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Julia Lawall reported this null pointer dereference, this should fix it. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Julia Lawall informó esta desreferencia de puntero nulo, esto debería solucionarlo. • https://git.kernel.org/stable/c/2e2177f94c0e0bc41323d7b6975a5f4820ed347e • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36022 – drm/amdgpu: Init zone device and drm client after mode-1 reset on reload
https://notcve.org/view.php?id=CVE-2024-36022
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload In passthrough environment, when amdgpu is reloaded after unload, mode-1 is triggered after initializing the necessary IPs, That init does not include KFD, and KFD init waits until the reset is completed. KFD init is called in the reset handler, but in this case, the zone device and drm client is not initialized, causing app to create kernel panic. v2: Removing the ini... • https://git.kernel.org/stable/c/4f8154f775197d0021b690c2945d6a4d8094c8f6 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-36016 – tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
https://notcve.org/view.php?id=CVE-2024-36016
29 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mode - side B sends the header of a basic option mode frame with data length 1 - side A switches to advanced option mode - side B sends 2 data bytes which exceeds gsm->len Reason: gsm->len is not used in advanced option mode. - side A switches to basic option mode - side B keeps sending until gsm0_receive() writes p... • https://git.kernel.org/stable/c/e1eaea46bb4020b38a141b84f88565d4603f8dd0 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2023-52881 – tcp: do not accept ACK of bytes we never sent
https://notcve.org/view.php?id=CVE-2023-52881
29 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a detailed report and ideas from Yepeng Pan and Christian Rossow. ACK seq validation is currently following RFC 5961 5.2 guidelines: The ACK value is considered acceptable only if it is in the range of ((SND.UNA - MAX.SND.WND) <= SEG.ACK <= SND.NXT). All incoming segments whose ACK value doesn't satisfy the above condition MUST be discarded and an ACK sent back. It needs t... • https://git.kernel.org/stable/c/354e4aa391ed50a4d827ff6fc11e0667d0859b25 •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52880 – tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
https://notcve.org/view.php?id=CVE-2023-52880
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any unprivileged user can attach N_GSM0710 ldisc, but it requires CAP_NET_ADMIN to create a GSM network anyway. Require initial namespace CAP_NET_ADMIN to do that. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tty: n_gsm: requiere CAP_NET_ADMIN para adjuntar el ldisc N_GSM0710. Cualquier usuario sin privilegios puede adjuntar el ldisc N_GSM0710, pero de todos m... • https://git.kernel.org/stable/c/7d303dee473ba3529d75b63491e9963342107bed • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47571 – staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
https://notcve.org/view.php?id=CVE-2021-47571
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: rtl8192e: Corrige el use after free en _rtl92e_pci_disconnect() La función free_rtllib() libera el puntero "dev" para que haya use after free en la siguiente línea. Reorganic... • https://git.kernel.org/stable/c/66898177e7e5486dc77a4ba742efa4e2e9e900a4 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47566 – proc/vmcore: fix clearing user buffer by properly using clear_user()
https://notcve.org/view.php?id=CVE-2021-47566
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem device that registers a vmcore_cb and has some logically unplugged memory inside an added Linux memory block, I can easily trigger a BUG by copying the vmcore via "cp": systemd[1]: Starting Kdump Vmcore Save Service... kdump[420]: Kdump is using the default log level(3). kdum... • https://git.kernel.org/stable/c/997c136f518c5debd63847e78e2a8694f56dcf90 • CWE-501: Trust Boundary Violation •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47565 – scsi: mpt3sas: Fix kernel panic during drive powercycle test
https://notcve.org/view.php?id=CVE-2021-47565
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is freed but its sdev object remains intact. Consequently, a kernel panic can occur while the driver is trying to access the sas_address field of sas_target object without also checking the sas_target object for NULL. En el kernel de Linux, se resolvió la siguien... • https://git.kernel.org/stable/c/f92363d12359498f9a9960511de1a550f0ec41c2 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47552 – blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()
https://notcve.org/view.php?id=CVE-2021-47552
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't call blk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to cancel dispatch work in blk_release_queue(). However, this way has caused kernel oops[1], reported by Changhui. The log shows that scsi_device can be freed before running blk_release_queue(), which is expected too since scsi_device is rel... • https://git.kernel.org/stable/c/e03513f58919d9e2bc6df765ca2c9da863d03d90 •