46 matches found
CVE-2025-37905
CVE-2025-37905 affects the Linux kernel in the firmware: arm_scmi subsystem, where destroying SCMI devices via device_find_child() creates an unbalanced device refcount because device_find_child() performs an implicit get_device(). This prevents release methods from running during destruction, ca...
CVE-2024-53068
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
CVE-2024-53068
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
CVE-2024-53068 firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
CVE-2024-53068 firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
CVE-2024-53068
CVE-2024-53068 affects the Linux kernel’s ARM SCMI subsystem. The issue is a slab-use-after-free in scmi_bus_notifier caused by prematurely freeing scmi_dev->name in __scmi_device_destroy(); the release of scmi_dev->name is moved to scmi_device_release() to prevent use-after-free, per the p...
CVE-2024-50159
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning: | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...
CVE-2024-50159 firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning: | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...
CVE-2024-50159
CVE-2024-50159 relates to the Linux kernel firmware subsystem for ARM SCMI. The vulnerability arises from a double-free in the ARM SCMI debugfs setup path: when devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup() can run twice, leading to freeing the same memory (dbg->name) twice. ...
CVE-2024-50159 firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning: | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...
CVE-2024-49853
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...
CVE-2024-49853
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...
CVE-2024-49853 firmware: arm_scmi: Fix double free in OPTEE transport
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...
CVE-2024-49853 firmware: arm_scmi: Fix double free in OPTEE transport
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...
CVE-2024-49853
CVE-2024-49853 affects the Linux kernel firmware/arm_scmi path (OPTEE transport). The issue is a double-free in the OPTEE transport where channel descriptors can be freed twice when unloading the stack, due to channels being shared between protocols. This can lead to memory corruption or potentia...
CVE-2024-49853
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack...
CVE-2022-48655
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations i...
CVE-2022-48655
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations i...
CVE-2022-48655
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations i...
CVE-2022-48655
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations i...