2nd Gen AMD EPYC™ Security Vulnerabilities

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, docker, restic, crossplane, k8sgpt, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, k9s, velero, nodetaint, rqlite, buildkitd, cluster-proportional-autoscaler, gh, gomplate, secrets-store-csi-driver-provider-gcp,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, docker, restic, crossplane, k8sgpt, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, k9s, velero, nodetaint, rqlite, buildkitd, cluster-proportional-autoscaler, gh, gomplate, secrets-store-csi-driver-provider-gcp,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: cadvisor, nri-elasticsearch, nri-mongodb, restic, kubeadm-controlplane-controller, esbuild, wazero, nri-kafka, kyverno-policy-reporter-ui, gcsfuse, oauth2-proxy, nfs-subdir-external-provisioner, terraform-provider-azurerm, src, kuberay-operator, kubevela,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: cadvisor, nri-elasticsearch, nri-mongodb, restic, kubeadm-controlplane-controller, esbuild, wazero, nri-kafka, kyverno-policy-reporter-ui, gcsfuse, oauth2-proxy, nfs-subdir-external-provisioner, terraform-provider-azurerm, src, kuberay-operator, kubevela,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: docker-cli, hey, kubernetes-dashboard-metrics-scraper, sbom-scorecard, nsc, kind, aws-flb-kinesis, gosu, render-template, docker-credential-ecr-login, grpcurl, sonobuoy, petname, k3d, gke-gcloud-auth-plugin, smarter-device-manager, goreleaser, go-md2man, helm-push,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: cadvisor, gitness, nri-elasticsearch, hey, nri-mongodb, crossplane, sbom-scorecard, k8sgpt, kubebuilder, capslock, kubeadm-controlplane-controller, flux-image-automation-controller, ytt, paranoia, velero, esbuild, wazero, nodetaint, rqlite, buildkitd,...

CVE-2024-35928

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() This ensures that the memory mapped by ioremap for adev->rmmio, is properly handled in amdgpu_device_init(). If the function exits early due to an erro...

CVE-2024-35928

drm/amd/amdgpu: Fix potential ioremap() memory leaks in...

CVE-2024-35928

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() This ensures that the memory mapped by ioremap for adev->rmmio, is properly handled in amdgpu_device_init(). If the function exits early due to an erro...

CVE-2024-35928 drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() This ensures that the memory mapped by ioremap for adev->rmmio, is properly handled in amdgpu_device_init(). If the function exits early due to an erro...

CVE-2024-35906

drm/amd/display: Send DTBCLK disable message on first...

CVE-2024-35906

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Send DTBCLK disable message on first commit [Why] Previous patch to allow DTBCLK disable didn't address boot case. Driver thinks DTBCLK is disabled by default, so we don't send disable message to PMFW. DTBCLK is...

CVE-2024-35881

Revert "drm/amd/display: Send DTBCLK disable message on first...

CVE-2024-35881

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Send DTBCLK disable message on first commit" This reverts commit f341055b10bd8be55c3c995dff5f770b236b8ca9. System hang observed, this commit is thought to be the regression...

CVE-2024-35906 drm/amd/display: Send DTBCLK disable message on first commit

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Send DTBCLK disable message on first commit [Why] Previous patch to allow DTBCLK disable didn't address boot case. Driver thinks DTBCLK is disabled by default, so we don't send disable message to PMFW. DTBCLK is...

CVE-2024-35881 Revert "drm/amd/display: Send DTBCLK disable message on first commit"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/display: Send DTBCLK disable message on first commit" This reverts commit f341055b10bd8be55c3c995dff5f770b236b8ca9. System hang observed, this commit is thought to be the regression...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, tigera-operator, bank-vaults-fips, gobuster, aws-ebs-csi-driver, metrics-server, configmap-reload, kubernetes-csi-livenessprobe-fips, kubernetes-csi-node-driver-registrar-fips, gosu, gitlab-logger, nri-discovery-kubernetes, goreleaser,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, tekton-pipelines, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, docker, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, dynamic-localpv-provisioner, cilium, goreleaser, spark-operator, k8sgpt,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, tekton-pipelines, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, docker, aws-flb-kinesis-fips, azure-aad-pod-identity-mic, dynamic-localpv-provisioner, cilium, goreleaser, spark-operator, k8sgpt,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, tigera-operator, bank-vaults-fips, gobuster, aws-ebs-csi-driver, metrics-server, configmap-reload, kubernetes-csi-livenessprobe-fips, kubernetes-csi-node-driver-registrar-fips, gosu, gitlab-logger, nri-discovery-kubernetes, goreleaser,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, tekton-pipelines, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, tigera-operator, bank-vaults-fips, gobuster, aws-ebs-csi-driver, metrics-server, configmap-reload, kubernetes-csi-livenessprobe-fips, kubernetes-csi-node-driver-registrar-fips, gosu, gitlab-logger, nri-discovery-kubernetes, goreleaser,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, tekton-pipelines, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: keda-fips, datadog-agent, dataplaneapi, cluster-api-controller, gobuster, kubernetes-csi-node-driver-registrar, configmap-reload, kubernetes-csi-livenessprobe-fips, gitlab-logger, dynamic-localpv-provisioner, azure-aad-pod-identity-mic, spark-operator, goreleaser,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: prometheus-adapter-fips, tigera-operator, bank-vaults-fips, gobuster, aws-ebs-csi-driver, metrics-server, configmap-reload, kubernetes-csi-livenessprobe-fips, kubernetes-csi-node-driver-registrar-fips, gosu, gitlab-logger, nri-discovery-kubernetes, goreleaser,...

CVE-2023-52663

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate the memory, which results in a memory leak......

CVE-2023-52678

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below:...

CVE-2023-52673

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a debugfs null pointer error [WHY & HOW] Check whether get_subvp_en() callback exists before calling it. Mitigation...

CVE-2023-52671

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC could cause a hang/underflow due to OPPs not being...