UBUNTU-CVE-2022-49005

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for sx controls For sx controls the semantics of the max field is not the usual one, max is the number of steps rather than the maximum value. This means that our check in sndsocputvolswsx needs to jus...

UBUNTU-CVE-2024-49922

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using them WHAT & HOW These pointers are null checked previously in the same function, indicating they might be null as reported by Coverity. As a result, they need to be checked when...

UBUNTU-CVE-2024-47738

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 "wifi: mac80211: don't use rate mask for scanning", ignore incorrect settings to avoid no supported rate warning reported by syzbot. The...

UBUNTU-CVE-2024-47661

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow from uint32t to uint8t WHAT & HOW dmubrbcmd's rampingboundary has size of uint8t and it is assigned 0xFFFF. Fix it by changing it to uint8t with value of 0xFF. This fixes 2 INTEGEROVERFLOW issues...

UBUNTU-CVE-2024-46844

In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer isn't initialized by callers, but I have encountered cases where it's still printed; initialize it in all possible cases in setuponeline...

UBUNTU-CVE-2024-46865

In the Linux kernel, the following vulnerability has been resolved: fou: fix initialization of grc The grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized...

UBUNTU-CVE-2024-46703

In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms that dont use PM...

UBUNTU-CVE-2024-44932

In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues The second tagged commit started sometimes very rarely, but possible throwing WARNs from net/core/pagepool.c:pagepooldisabledirectrecycling. Turned out idpf frees interrupt vectors with...

UBUNTU-CVE-2024-43908

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to rasmanager Check rasmanager before using it...

UBUNTU-CVE-2022-48903

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix relocation crash due to premature return from btrfscommittransaction We are seeing crashes similar to the following trace: 38.969182 WARNING: CPU: 20 PID: 2105 at fs/btrfs/relocation.c:4070...

UBUNTU-CVE-2023-52897

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: do not warn on record without oldroots populated BUG There are some reports from the mailing list that since v6.1 kernel, the WARNON inside btrfsqgroupaccountextent gets triggered during rescan: WARNING: CPU: 3 PID...

UBUNTU-CVE-2022-48885

In the Linux kernel, the following vulnerability has been resolved: ice: Fix potential memory leak in icegnssttywrite The icegnssttywrite return directly if the writebuf alloc failed, leaking the cmdbuf. Fix by free cmdbuf if writebuf alloc failed...

UBUNTU-CVE-2022-48899

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix GEM handle creation UAF Userspace can guess the handle value and try to race GEM object creation with handle close, resulting in a use-after-free if we dereference the object after dropping the handle's reference...

UBUNTU-CVE-2024-42298

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fslqmcaudio: Check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value...

UBUNTU-CVE-2024-42223

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state-xtalhz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pllmfactor. Create a new 64 bit variable to hold the calculations...

UBUNTU-CVE-2022-48835

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in reply q processing A page fault was encountered in mpt3sas on a LUN reset error path: 145.763216 mpt3sascm1: Task abort tm failed: handle0x0002,timeout30 trmethod0x0 smid3 msixindex0 145.778932 scsi...

UBUNTU-CVE-2024-41003

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsetminmax corruption of fakereg Juan reported that after doing some changes to buzzer 0 and implementing a new fuzzing strategy guided by coverage, they noticed the following in one of the probes: ... 13: 79 r6 = u64 ...

UBUNTU-CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

UBUNTU-CVE-2024-38625

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check 'folio' pointer for NULL It can be NULL if bmap is called...

UBUNTU-CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drmatomicgetnewbridgestate is allowed to return. Assume a fixed format instead...