6426 matches found
EUVD-2023-60419
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
EUVD-2022-55916
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
CVE-2023-54222
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
CVE-2022-50880
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
UBUNTU-CVE-2023-54222
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
CVE-2023-54283
In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...
CVE-2022-50880
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
CVE-2023-54222
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
UBUNTU-CVE-2023-54283
In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...
UBUNTU-CVE-2022-50880
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
CVE-2023-54283 bpf: Address KCSAN report on bpf_lru_list
In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...
CVE-2022-50880 wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
CVE-2022-50880
Mode C CVE-2022-50880 affects the Linux kernel wifi driver ath10k. The issue arises from a use-after-free in ath10k_sta_state() when deleting peers: for a given vdev_id/address, multiple HTT_T2H peer_map entries could map to the same ath10k_peer, causing the first peer to be freed while a second ...
CVE-2022-50880 wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...
CVE-2023-54222
CVE-2023-54222 affects the Linux kernel: a bug in the Tegra hte map driver (hte: tegra-194: tegra_hte_map_to_line_id) allowed an out-of-bounds read due to an off-by-one in the size check. The root cause is that the code compared against the size of the m array with a ‘>’ and needed a ‘>=’ i...
CVE-2023-54222 hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
CVE-2023-54222 hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegrahtemaptolineid The "mapsz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
CVE-2023-54165
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zsmapobject to zsmalloc Under memory pressure, we sometimes observe the following crash: 5694.832838 ------------ cut here ------------ 5694.842093 listdel corruption, ffff888014b6a448-next is...
PT-2025-54051
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra hte map to line id The "map sz" is the number of elements in the "m" array so the comparison needs to be changed to = to prevent an out of bounds read...
PT-2025-54116
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ath10k driver related to peer map management during peer deletion. Specifically, when a peer delete operation fails, a use-after-free conditio...