CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42263 – drm/v3d: Fix potential memory leak in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42263
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f https://git.kernel.org/stable/c/9b5033ee2c5af6d1135a403df32d219ab57e55f9 https://git.kernel.org/stable/c/0e50fcc20bd87584840266e8004f9064a8985b4f •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42262 – drm/v3d: Fix potential memory leak in the performance extension
https://notcve.org/view.php?id=CVE-2024-42262
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21 https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42261 – drm/v3d: Validate passed in drm syncobj handles in the timestamp extension
https://notcve.org/view.php?id=CVE-2024-42261
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3) • https://git.kernel.org/stable/c/9ba0ff3e083f6a4a0b6698f06bfff74805fefa5f https://git.kernel.org/stable/c/5c56f104edd02a537e9327dc543574e55713e1d7 https://git.kernel.org/stable/c/023d22e8bb0cdd6900382ad1ed06df3b6c2ea791 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42260 – drm/v3d: Validate passed in drm syncobj handles in the performance extension
https://notcve.org/view.php?id=CVE-2024-42260
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. (cherry picked from commit a546b7e4d73c23838d7e4d2c92882b3ca902d213) • https://git.kernel.org/stable/c/bae7cb5d68001a8d4ceec5964dda74bb9aab7220 https://git.kernel.org/stable/c/5d4aa25f47cd05e9eeac272906588728588605dd https://git.kernel.org/stable/c/4ecc24a84d7e0254efd150ec23e0b89638386516 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42259 – drm/i915/gem: Fix Virtual Memory mapping boundaries calculation
https://notcve.org/view.php?id=CVE-2024-42259
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") (cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417) Linux i915 suffers from an out-of-bounds PTE write in vm_fault_gtt() that leads to a PTE use-after-free vulnerability. • https://git.kernel.org/stable/c/c58305af1835095ddc25ee6f548ac05915e66ac5 https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60 https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39 https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7 https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2d •