1703 matches found
DEBIAN-CVE-2024-50282
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...
AZL-53501 CVE-2024-50282 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...
AZL-53691 CVE-2024-50282 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...
AZL-53618 CVE-2024-50268 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...
DEBIAN-CVE-2024-50268
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...
UBUNTU-CVE-2024-50268
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...
UBUNTU-CVE-2024-50282
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...
CVE-2024-50268 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing size check in the amdgpudebugfsgprwaveread function. No details of the vulnerability are provided ...
Vulnerability of the sched/debug components of the Linux operating system’s kernel, allowing attackers to access confidential information
The vulnerability of the sched/debug components in the Linux operating system’s kernel is related to the disclosure of information through the updatescheddomain Debugfs function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...
kernel: kernel/printk/index.c: fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...
kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed
A flaw was found in the vmwgfx module in the Linux kernel. Trying to read the /sys/kernel/debug/dri/0/mobttm file when the ttmresourcemanager is not allocated will cause a crash, resulting in a denial of service...
kernel: thermal/debugfs: Prevent use-after-free from occurring after cdev removal
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...
kernel: thermal/debugfs: Free all thermal zone debug memory on zone removal
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory on zone removal Because thermaldebugtzremove does not free all memory allocated for thermal zone diagnostics, some of that memory becomes unreachable after freeing the thermal...
kernel: thermal/debugfs: Fix two locking issues with thermal zone debug
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointe...
kernel: tty: pcn_uart: fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: tty: pcnuart: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
kernel: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...
PT-2024-35650
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential array underflow issue has been identified in the Linux kernel, specifically in the ucsi ccg sync control function. The command variable can be controlled by the user via...
CVE-2023-52917
...
AZL-52980 CVE-2024-50159 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning: | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...