260 matches found
DEBIAN-CVE-2022-49935
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dmaresv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to explicit export/impor...
DEBIAN-CVE-2022-49940
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: add sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can happen when attempting to access the "gsm-receive" function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only call...
UBUNTU-CVE-2022-49983
In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device v2 If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...
CVE-2022-49935
CVE-2022-49935 affects the Linux kernel’s dma-buf/dma-resv code. The vulnerability arises from assuming a newly added fence is newer than all existing fences; with the explicit UAPI export/import, this assumption was removed, creating a path where userspace could force the kernel into a use-after...
CVE-2022-49935 dma-buf/dma-resv: check if the new fence is really later
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dmaresv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to explicit export/impor...
CVE-2022-49935
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dmaresv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to explicit export/impor...
CVE-2023-53084
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...
SUSE CVE-2023-53084
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...
DEBIAN-CVE-2023-53084
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...
CVE-2023-53084
CVE-2023-53084 – Linux kernel (drm/shmem) 손상 문제 확인 Impact: In the Linux kernel, the error path in drm_gem_shmem_mmap() could fail to drop a reference, causing a dma-buf shmem GEM object to be freed prematurely and potentially leading to a use-after-free. Affected component: drm/shmem-helper and r...
CVE-2023-53084 drm/shmem-helper: Remove another errant put in error path
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...
PT-2025-28637 · Git +1 · Tarantool
Name of the Vulnerable Software and Affected Versions: luajit affected versions not specified Description: The software contains a heap-buffer-overflow read issue. The crash state involves lj buf ruleb128, lj bcread, and cpparser. Recommendations: At the moment, there is no information about a...
SUSE CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
UBUNTU-CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
Linux Distros Unpatched Vulnerability : CVE-2024-27400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: once more fix the call oder in amdgputtmmove v2 This reverts drm/amdgpu: fix ftrace event amdgpubomove always move on same heap. The basic problem...
Linux Distros Unpatched Vulnerability : CVE-2024-43863
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops tha...
CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...
CVE-2024-58017
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...
kernel: tipc: fix a possible memleak in tipc_buf_append
In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...