CVE-2022-48707 cxl/region: Fix null pointer dereference for resetting decoder

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driv...

CVE-2022-48707

CVE-2022-48707 (Linux kernel, cxl/region) : The issue arises when destroying a region that includes a host bridge with a single root port and a decoupled HDM/CXL device, where the region driver creates a special pass-through decoder without a commit/reset callback. Before the fix, the ->reset(...

SUSE CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

SUSE CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

SUSE SLES12 Security Update : gdk-pixbuf (SUSE-SU-2024:1699-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1699-1 advisory. - In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchu...

CVE-2024-35921

A vulnerability was found in the Linux kernel's MediaTek vdechevcreqmultiif.c driver in the vdechevcsliceinit function, where a lack of proper checking can lead to a use-after-free scenario. This issue occurs when the stateless HEVC decoder saves the instance pointer in the context without checki...

CVE-2024-35920

A vulnerability was found in the Linux kernel's MediaTek VCodec driver, caused by the absence of a lock to protect the decoder context list ctxlist. This issue can lead to a NULL pointer dereference in the vpudecipihandler function, resulting in a kernel panic. Mitigation Mitigation for this issu...

DEBIAN-CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

DEBIAN-CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

UBUNTU-CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2024-35921 media: mediatek: vcodec: Fix oops when HEVC init fails

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2024-35921 media: mediatek: vcodec: Fix oops when HEVC init fails

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

CVE-2024-35920

CVE-2024-35920 refers to a Linux kernel issue in the media: mediatek: vcodec driver. The root cause is a race/NULL-pointer risk in vpu_dec_ipi_handler when the decoder context list (ctx_list) could be deleted due to SCP IP block behavior. The patch adds a lock around ctx_list to prevent illegal a...

CVE-2024-35920 media: mediatek: vcodec: adding lock to protect decoder context list

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctxlist, to avoid accessing a NULL pointer within the 'vpudecipihandler' function when the ctxlist has been deleted due to an unexpected...

Slackware Linux 15.0 / current gdk-pixbuf2 Vulnerability (SSA:2024-136-01)

The version of gdk-pixbuf2 installed on the remote host is prior to 2.42.12. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-136-01 advisory. - In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption ...