6 matches found
CVE-2023-53376
CVE-2023-53376 affects the Linux kernel scsi mpi3mr driver, where bitmap sizing used bytes instead of bits caused slab-out-of-bounds access (notably during firmware download to eHBA-9600) via find_first_zero_bit() in mpi3mr_send_event_ack(). The fix switches bitmap management to number-of-bits ar...
CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...
DEBIAN-CVE-2022-50025
In the Linux kernel, the following vulnerability has been resolved: cxl: Fix a memory leak in an error handling path A bitmapzalloc must be balanced by a corresponding bitmapfree in the error handling path of afuallocateirqs...
CVE-2024-36899
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...
CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...
CVE-2024-36899 gpiolib: cdev: Fix use after free in lineinfo_changed_notify
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify The use-after-free issue occurs as follows: when the GPIO chip device file is being closed by invoking gpiochrdevrelease, watchedlines is freed by bitmapfree, but the...