USN-7671-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ACPI drivers; - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control...

USN-7516-7: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - Block layer subsystem; - Drivers core; - Network block device driver;...

USN-7305-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

CVE-2024-49914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for pipectx-planestate in dcn20programpipe This commit addresses a null pointer dereference issue in the dcn20programpipe function. The issue could occur when pipectx-planestate is null. The fix ad...

USN-7029-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 It was discovered that the JFS file system contained an...

CVE-2023-52912

CVE-2023-52912 relates to the Linux kernel’s DRM amdgpu subsystem. The issue arises during unloading of amdgpu where a bug in drm_buddy_free_block can trigger a kernel BUG and invalid opcode, as shown in the stack trace and kernel log snippet. The impact is a potentially local disruption of a sys...

CVE-2023-52912 drm/amdgpu: Fixed bug on error when unloading amdgpu

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed bug on error when unloading amdgpu Fixed bug on error when unloading amdgpu. The error message is as follows: 377.706202 kernel BUG at drivers/gpu/drm/drmbuddy.c:278! 377.706215 invalid opcode: 0000 1 PREEMPT SM...

CVE-2024-40916

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortunately some variant...

CVE-2024-27045

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dpdscclockenread' Tell snprintf to store at most 10 bytes in the output buffer instead of 30. Fixes the below:...

CVE-2024-26937 drm/i915/gt: Reset queue_priority_hint on parking

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete befo...

CVE-2023-3355 Null pointer dereference in submit_lookup_cmds() in drivers/gpu/drm/msm/msm_gem_submit.c

A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msmgemsubmit.c code in the submitlookupcmds function, which fails because it lacks a check of the return value of kmalloc. This issue allows a local user to crash the system...

CVE-2023-3220

An issue was discovered in the Linux kernel through 6.1-rc8. dpucrtcatomiccheck in drivers/gpu/drm/msm/disp/dpu1/dpucrtc.c lacks check of the return value of kzalloc and will cause the NULL Pointer Dereference...

CVE-2022-3115

An issue was discovered in the Linux kernel through 5.16-rc6. malidpcrtcreset in drivers/gpu/drm/arm/malidpcrtc.c lacks check of the return value of kzalloc and will cause the null pointer dereference...

Design/Logic Flaw

A use-after-free vulnerability was found in drmleaseheld in drivers/gpu/drm/drmlease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service DoS or a kernel information leak...

openSUSE Security Update : the Linux Kernel (openSUSE-2020-2193)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-29371: An issue was discovered in romfsdevread in fs/romfs/storage.c where uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd bnc1179429. -...

CVE-2018-8781

A an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udlfb.c:udlfbmmap function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages,...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1526)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7053

In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 and 5.x before 5.2, there is a use-after-free write in the i915ppgttclose function in drivers/gpu/drm/i915/i915gemgtt.c, aka CID-7dc40713618c. This is related to i915gemcontextdestroyioctl in...

Design/Logic Flaw

Memory leaks in clocksourcecreate functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service memory consumption. This affects the dce112clocksourcecreate function in drivers/gpu/drm/amd/display/dc/dce112/dce112resource.c, the...

CVE-2019-12881

i915gemuserptrgetpages in drivers/gpu/drm/i915/i915gemuserptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service NULL pointer dereference and BUG or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0...