AZL-53778 CVE-2023-52921 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpucspass1 Since the gangsize check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang @VAR10CK of Baidu Security...

UBUNTU-CVE-2023-52921

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpucspass1 Since the gangsize check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang @VAR10CK of Baidu Security...

CVE-2024-50282 drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...

CVE-2023-52921 drm/amdgpu: fix possible UAF in amdgpu_cs_pass1()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpucspass1 Since the gangsize check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang @VAR10CK of Baidu Security...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing size check in the amdgpudebugfsgprwaveread function. No details of the vulnerability are provided ...

The vulnerability of Linux operating system’s DRM/AMDGPU cores allows a hacker to trigger a service failure.

The vulnerability of the DRM/AMDGPU kernel components in the Linux operating system is related to errors in the resource management of the amdgputtmgartbind function. Exploiting this vulnerability can allow a hacker to cause service failures...

OESA-2024-2423 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsiregisteraltmode checks ISERR for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE ...

Fedora 41 : linux-firmware (2024-3cd42e9e29)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3cd42e9e29 advisory. Update to upstream 20240909: i915: Update MTL DMC v2.23 cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops amdgpu: Revert sienna cichlid...

kernel: drm/amdgpu: use-after-free vulnerability

A failure flaw was found in the Linux kernel’s AMDGPU driver in how a user sends ioctl with an invalid address and size when using the AMD GPU. This flaw allows a local user to crash the system...

kernel: drm/amdgpu: use-after-free vulnerability

A failure flaw was found in the Linux kernel’s AMDGPU driver in how a user sends ioctl with an invalid address and size when using the AMD GPU. This flaw allows a local user to crash the system...

kernel: drm/amdgpu: use-after-free vulnerability

A failure flaw was found in the Linux kernel’s AMDGPU driver in how a user sends ioctl with an invalid address and size when using the AMD GPU. This flaw allows a local user to crash the system...

CLSA-2024-1731431756 kernel: Fix of 30 CVEs

tty: ngsm: Fix use-after-free in gsmcleanupmux CVE-2024-50073 - drm/amdkfd: amdkfdfreegttmem clear the correct pointer CVE-2024-49991 - ext4: fix timer use-after-free on failed mount CVE-2024-49960 - ext4: avoid use-after-free in ext4extshowleaf CVE-2024-49889 - ext4: fix slab-use-after-free in...

kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

A vulnerability was found in the Linux kernel's amdgpu driver in the amdgpuvceringparsecs function where the size variable is initialized with a pointer that may not be properly set before use. This issue could lead to unpredictable behavior in the system...

kernel: drm/amdgpu: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...

kernel: drm/amdgpu: add error handle to avoid out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdmav40irqidtoseq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL...

kernel: drm/amdgpu/mes: fix use-after-free issue

A flaw was found in the Linux kernel. This issue is due to a possible use-after-free in drivers/gpu/drm/amd/amdgpu/amdgpumes.c...

kernel: drm/amdgpu: Skip do PCI error slot reset during RAS recovery

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery The Linux kernel CVE team has assigned CVE-2024-35931 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35931-430d@gregkh...

kernel: drm/amdgpu: fix double free err_addr pointer warnings

A vulnerability was found in the amdgpuumchandlebadpages function in the Linux kernel's amdgpu driver. If the function is called multiple times in quick succession, a double free error can occur because the errdata-erraddr pointer that is being freed is not being set to NULL in between calls. Thi...

kernel: drm/amdgpu: change vm->task_info handling

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm-taskinfo handling This patch changes the handling and lifecycle of vm-taskinfo object. The major changes are: - vm-taskinfo is a dynamically allocated ptr now, and its uasge is reference counted. - introduci...

kernel: drm/amdgpu: fix deadlock while reading mqd from debugfs

A flaw was found in the drm/amdgpu subsystem in the Linux kernel, involving a deadlock occurring when reading the Memory Queue Descriptor MQD from debugfs. This issue could cause the system to hang during debug operations...