CVE-2024-50206 net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix memory corruption during fq dma init The loop responsible for allocating up to MTKFQDMALENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. Fix the lo...

SUSE CVE-2024-50171

In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcmsysportxmit The bcmsysportxmit returns NETDEVTXOK without freeing skb in case of dmamapsingle fails, add devkfreeskb to fix it...

AZL-53073 CVE-2024-50171 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcmsysportxmit The bcmsysportxmit returns NETDEVTXOK without freeing skb in case of dmamapsingle fails, add devkfreeskb to fix it...

AZL-53498 CVE-2024-50158 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev-dbrpacing". This caused a trace when KASAN is enabled. BUG: KASAN:...

AZL-52598 CVE-2024-50101 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pciforeachdmaalias for non-PCI devices Previously, the domaincontextclear function incorrectly called pciforeachdmaalias to set up context entries for non-PCI devices. This could lead to kernel hangs or...

kernel: dma-direct: Leak pages on dma_set_decrypted() failure

In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dmasetdecrypted failure The Linux kernel CVE team has assigned CVE-2024-35939 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051919-CVE-2024-35939-f877@gregkh/T...

SUSE CVE-2024-50001

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under...

UBUNTU-CVE-2022-48958

In the Linux kernel, the following vulnerability has been resolved: ethernet: aeroflex: fix potential skb leak in grethinitrings The grethinitrings function won't free the newly allocated skb when dmamappingerror returns error, so add devkfreeskb to fix it. Compile tested only...

DEBIAN-CVE-2024-50001

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under...

AZL-51986 CVE-2024-50001 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under...

UBUNTU-CVE-2024-49973

In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big...

UBUNTU-CVE-2024-47735

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of spinlockirq/spinunlockirq when spinlockirqsave/spinlockirqrestore was hold. This was discovered through the lock debugging, and the corresponding log is a...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an rsvqp reference that is released immediately after the RDMA/hns component is used on HIP08...

CVE-2024-44984

...

CVE-2024-45012

...

PT-2024-30627 · Imagination Technologies · Imagination Technologies Graphics Ddk

Name of the Vulnerable Software and Affected Versions: Imagination Technologies Graphics DDK affected versions not specified Description: The issue allows software installed and run as a non-privileged user to conduct GPU system calls, enabling the reading and writing of freed physical memory fro...

The vulnerability of the RDMA/hns component of the Linux operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the RDMA/hns component of the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

kernel: usb-storage: alauda: Fix uninit-value in alauda_check_media()

An uninitialized value vulnerability was found in the alauda USB storage driver in the Linux kernel. In alaudacheckmedia, the function does not verify that USB transfer operations succeeded before using the received data. If a transfer fails, uninitialized memory may be accessed, leading to...

The vulnerability of the array_index_nospec function in the DMA-BUF driver of the Linux operating system allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the arrayindexnospec function in the Linux kernel’s DMA-buf driver is related to a memory leak. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

drm/fbdev-dma: Only set smem_start is enable per module option

...