DEBIAN-CVE-2024-50117

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

UBUNTU-CVE-2024-50117

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

CVE-2024-50117

CVE-2024-50117 affects the Linux kernel DRM/AMDGPU path (ATIF ACPI method). The vulnerability stems from bad data returned by BIOS ACPI ATIF calls, which could cause a NULL pointer dereference in the caller when amdgpu_atif_query_backlight_caps processes the result. The issue was resolved by guar...

CVE-2024-50117 drm/amd: Guard against bad data for ATIF ACPI method

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

CVE-2024-50117 drm/amd: Guard against bad data for ATIF ACPI method

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

kernel: drm/amdgpu: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...

kernel: drm/amdgpu: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...

SUSE-SU-2024:3880-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 - CVE-2024-35863: Fixed potential UA...

Security update for rubygem-actionpack-5_1

This update for rubygem-actionpack-51 fixes the following issues: CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller bsc1231729. CVE-2024-42228: Fixed uninitialized value size when calling amdgpuvcecsreloc bsc1228667. Patch Instructions: To instal...

ROS-20241101-01

A vulnerability in the sysfs component of the Linux operating system kernel is related to excessive output in the sysfsbreakactiveprotection function in fs/sysfs/file.c. Exploitation of the vulnerability could allow an attacker to gain access to sensitive information Vulnerability in the clk...

SUSE-SU-2024:3851-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potentia...

SUSE CVE-2024-49989

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be freed. Otherwise, a double free issue may occ...

ROS-20241028-03

The vulnerability of the quota component of the Linux kernel is related to the NULL pointer dereferencing in the functions dquotmarkdquotdirty, dquotallocspace, dquotallocinode, EXPORTSYMBOL, dquotclaimspacenodirty, dquotreclaimspacenodirty, dquotfreespace, dquotfreeinode, and dquottransfer in...

SUSE CVE-2024-49895

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit addresses a potential index out of bounds issue in the cm3helpertranslatecurvetodegammahwformat function in the DCN30 color...

SUSE CVE-2024-49904

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cases. - listforeachentrysafe...

SUSE CVE-2024-49905

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpudmplanehandlecursorupdate v2 This commit adds a null check for the 'afb' variable in the amdgpudmplanehandlecursorupdate function. Previously, 'afb' was assumed to be null, but w...

SUSE CVE-2024-49908

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpudmupdatecursor v2 This commit adds a null check for the 'afb' variable in the amdgpudmupdatecursor function. Previously, 'afb' was assumed to be null at line 8388, but was used...

SUSE CVE-2024-49991

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfdfreegttmem clear the correct pointer Pass pointer reference to amdgpubounref to clear the correct pointer, otherwise amdgpubounref clear the local variable, the original pointer not set to NULL, this could cause...

SUSE CVE-2024-49896

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check stream before comparing them WHAT & HOW amdgpudm can pass a null stream to dcisstreamunchanged. It is necessary to check for null before dereferencing them. This fixes 1 FORWARDNULL issue reported by Coveri...

The vulnerability of the dcn302_fpu_update_bw_bounding_box() function in the amdgpu kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dcn302fpuupdatebwboundingbox function in the drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302fpu.c file of the amdgpu kernel in the Linux operating system is related to incorrect calculation of the index. Exploiting this vulnerability may allow an attacker to compromise t...