DEBIAN-CVE-2024-50268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

UBUNTU-CVE-2024-50282

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread Avoid a possible buffer overflow if size is larger than 4K. cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434...

UBUNTU-CVE-2024-50268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

CVE-2024-50268 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing size check in the amdgpudebugfsgprwaveread function. No details of the vulnerability are provided ...

Vulnerability of the sched/debug components of the Linux operating system’s kernel, allowing attackers to access confidential information

The vulnerability of the sched/debug components in the Linux operating system’s kernel is related to the disclosure of information through the updatescheddomain Debugfs function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

kernel: thermal/debugfs: Prevent use-after-free from occurring after cdev removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...

kernel: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smcrreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpuregssmc file could result in an abnormal null pointer access when the smcrreg pointer is NULL...

kernel: tty: pcn_uart: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: tty: pcnuart: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

kernel: kernel/printk/index.c: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

kernel: thermal/debugfs: Fix two locking issues with thermal zone debug

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointe...

kernel: thermal/debugfs: Free all thermal zone debug memory on zone removal

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory on zone removal Because thermaldebugtzremove does not free all memory allocated for thermal zone diagnostics, some of that memory becomes unreachable after freeing the thermal...

kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed

A flaw was found in the vmwgfx module in the Linux kernel. Trying to read the /sys/kernel/debug/dri/0/mobttm file when the ttmresourcemanager is not allocated will cause a crash, resulting in a denial of service...

PT-2024-35650

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential array underflow issue has been identified in the Linux kernel, specifically in the ucsi ccg sync control function. The command variable can be controlled by the user via...

ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()

...

AZL-52980 CVE-2024-50159 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning： | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...

UBUNTU-CVE-2024-50159

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning： | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from a double release issue in the scmidebugfscommonsetup function...

The vulnerability of the debugfs_remove_recursive() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the debugfsremoverecursive function in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...

OESA-2024-2325 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ntb: intel: Fix the NULL vs ISERR bug for debugfscreatedir The debugfscreatedir function returns error pointers. It never returns NULL. So use ISERR to check...