854 matches found
DEBIAN-CVE-2021-47272
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...
UBUNTU-CVE-2021-47372
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod platdev-dev-platformdata is released by platformdeviceunregister, use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adjust the function call sequen...
CVE-2021-47272 usb: dwc3: gadget: Bail from dwc3_gadget_exit() if dwc->gadget is NULL
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...
SUSE CVE-2024-35809
In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtimeidle callback and the .remove callback in the rtsxpcr PCI driver leads to a kernel crash due to an unhandled page fault 1. The proble...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a vulnerability in the spi module...
PT-2024-11277 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A possible scenario exists where dwc3 gadget init can fail during a host to peripheral mode switch in dwc3 set mode, and a pending gadget driver fails to bind. If the DRD undergoes...
DEBIAN-CVE-2024-35809
In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtimeidle callback and the .remove callback in the rtsxpcr PCI driver leads to a kernel crash due to an unhandled page fault 1. The proble...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from passing an incorrect uninitialized acpiparent to acpigetpcidev for detection of the parent pci device...
SUSE CVE-2022-48696
In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...
SUSE CVE-2024-27028
In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spitransfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a check to trans-txbuf...
kernel: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
A counting logic flaw exists in the Linux kernel. When cigetdomainbusandslot is called, it returns a pci device with refcount incremented. When finishing it, the caller must decrement the reference count by calling pcidevput, leading to the loss of confidentiality of the system...
PT-2024-5604 · Dell · Dell Peripheral Manager
Name of the Vulnerable Software and Affected Versions: Dell Peripheral Manager versions prior to 1.7.6 Description: The issue is related to an uncontrolled search path element in the software. This could allow an attacker to potentially exploit the vulnerability through preloading malicious DLL o...
PT-2024-3511 · Amd · Amdpspp2Cmboxv2
Name of the Vulnerable Software and Affected Versions: AmdPspP2CmboxV2 affected versions not specified Description: The issue is related to an exposed SMI handler in AmdPspP2CmboxV2, which can be leveraged to bypass protections put in place by previous UEFI phases, allowing direct access to the S...
SUSE CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
SUSE CVE-2024-26738
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pcicontroller When a PCI device is dynamically added, the kernel oopses with a NULL pointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030...
SUSE CVE-2024-27437
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in requestirq and subsequently disabled as necessary to...
CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
UBUNTU-CVE-2021-47147
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pciioremapbar' call, it must be undone by a corresponding 'pciiounmap' call, as already done in the remove function...
ALPINE-CVE-2023-46839
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context...
UBUNTU-CVE-2023-46839
PCI devices can make use of a functionality called phantom functions, that when enabled allows the device to generate requests using the IDs of functions that are otherwise unpopulated. This allows a device to extend the number of outstanding requests. Such phantom functions need an IOMMU context...