11 matches found
CVE-2024-44931
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...
CVE-2024-44931 gpio: prevent potential speculation leaks in gpio_device_get_desc()
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...
CVE-2024-42090
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in createpinctrl when handling -EPROBEDEFER In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree...
CVE-2024-42090 pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in createpinctrl when handling -EPROBEDEFER In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree...
CVE-2024-42090 pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in createpinctrl when handling -EPROBEDEFER In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree...
CVE-2024-42090
The CVE CVE-2024-42090 affects the Linux kernel pinctrl subsystem. Root cause: in create_pinctrl(), pinctrl_maps_mutex is held when add_setting() can return -EPROBE_DEFER, and the code then calls pinctrl_free(), which attempts to re-acquire pinctrl_maps_mutex, risking a deadlock. The patch fixes ...
CVE-2024-39499 vmci: prevent speculation leaks by sanitizing event in event_deliver()
In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventmsg is controlled by user-space, eventmsg-eventdata.event is passed to eventdeliver and used as an index without sanitization. This...
CVE-2024-33619
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...
CVE-2024-33619 efi: libstub: only free priv.runtime_map when allocated
In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtimemap when allocated priv.runtimemap is only allocated when efinovamap is not set. Otherwise, it is an uninitialized value. In the error path, it is freed unconditionally. Avoid passing an...