97 matches found
CVE-2022-49915
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDNregisterdevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, add putdevice to give up the reference, so...
CVE-2024-53681 nvmet: Don't overflow subsysnqn
In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...
CVE-2024-53681 nvmet: Don't overflow subsysnqn
In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...
SUSE CVE-2024-56695
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...
UBUNTU-CVE-2024-56695
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...
CVE-2024-56695
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...
CVE-2024-56695 drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...
CVE-2024-56695 drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfd_get_cu_occupancy()'
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Use dynamic allocation for CU occupancy array in 'kfdgetcuoccupancy' The kfdgetcuoccupancy function previously declared a large cuoccupancy array as a local variable, which could lead to stack overflows due to excessi...
PT-2024-37005 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the kfd get cu occupancy function, which previously declared a large cu occupancy array as a local variable. This could lead to stack overflows due to excessive stac...
kernel: drm/amdgpu: change vm->task_info handling
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm-taskinfo handling This patch changes the handling and lifecycle of vm-taskinfo object. The major changes are: - vm-taskinfo is a dynamically allocated ptr now, and its uasge is reference counted. - introduci...
CVE-2024-50254
In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...
CVE-2024-48986
An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer the length of which is determined by looking up the event type in...
CVE-2024-48982
An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. This value is assumed to be greater than or equal to 3, but the software doesn't ensure that this is the case. Supplying a length less th...
CVE-2024-48983
An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...
CVE-2024-48986
An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer the length of which is determined by looking up the event type in...
kernel: drm/amdgpu: change vm->task_info handling
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm-taskinfo handling This patch changes the handling and lifecycle of vm-taskinfo object. The major changes are: - vm-taskinfo is a dynamically allocated ptr now, and its uasge is reference counted. - introduci...
UBUNTU-CVE-2024-50254
In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...
CVE-2024-50254 bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()
In the Linux kernel, the following vulnerability has been resolved: bpf: Free dynamically allocated bits in bpfiterbitsdestroy bpfiterbitsdestroy uses "kit-nrbits kmemleakalloc+0x4b/0x80 kmallocnodenoprof+0x480/0x5c0 alloc.isra.0+0x89/0xb0 allocbulk+0x2af/0x720 prefillmemcache+0x7f/0xb0...
CVE-2024-50254
CVE-2024-50254 : In the Linux kernel, the bpf_iter_bits_destroy() path incorrectly used kit->nr_bits bit = kit->nr_bits on completion, uses !nr_bits || bits >= nr_bits to determine completion, and keeps nr_bits > 64 to indicate dynamic allocation. It also changes kit->nr_bits from ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a faulty dynamic allocation bit release in the bpfiterbitsdestroy function...