EUVD-2023-60295

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

EUVD-2023-60310

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

EUVD-2023-60355

In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDPTX with 64 CPUs Commit 4fe815850bdc "ixgbe: let the xdpdrv work with more than 64 cpus" adds support to allow XDP programs to run on systems with more than 64 CPUs by locking the XDP TX rings and indexi...

CVE-2023-54150

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

CVE-2023-54135

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

CVE-2023-54056

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

CVE-2023-54135

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

CVE-2023-54150

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

CVE-2022-50715

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...

CVE-2023-54150 drm/amd: Fix an out of bounds error in BIOS parser

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

CVE-2023-54150

Technical details for CVE-2023-54150 are not publicly available in the provided documents. No connected entries specify affected products/versions or fixes beyond the initial description; monitor for updates from vendors.

CVE-2023-54135 maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

CVE-2023-54135

Technical details about CVE-2023-54135 are not provided in the supplied documents. The Linux kernel mapletree out-of-bounds fix is described at a high level; monitor vendor advisories for affected products, impact, and remediation specifics.

CVE-2022-50781 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20odneditdpmtable In the PPODEDITVDDCCURVE case the "inputindex" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from...

CVE-2022-50781

CVE-2022-50781 (Linux kernel, amdgpu driver) : The issue occurs in amdgpu/pm within the Vega 20 DPM table handling (PP_OD_EDIT_VDDC_CURVE). The root cause is that input_index is capped at 2 but not checked for negative values, leading to an out-of-bounds read when the value is supplied by user sp...

CVE-2022-50781 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20odneditdpmtable In the PPODEDITVDDCCURVE case the "inputindex" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from...

CVE-2023-54056 kheaders: Use array declaration instead of char

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

CVE-2023-54056 kheaders: Use array declaration instead of char

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

CVE-2023-54056

The CVE-2023-54056 entry concerns the Linux kernel kheaders path. The underlying issue was that kernel_headers_data was defined as a char array, which trips FortifySource checks during memcpy by treating addresses as byte arrays; the fix is to define them as proper arrays (as with other code path...

CVE-2022-50715 md/raid1: stop mdx_raid1 thread when raid1 array run failed

In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...