CVE-2022-48945

CVE-2022-48945 is associated with a Linux kernel vulnerability in the media/vivid driver where the compose height adjustment could cause a boundary overrun in V4L2_SEL_TGT_CROP handling. The root cause is a missing boundary check after adjust compose->height, which could lead to memory access ...

CVE-2022-48945 media: vivid: fix compose size exceed boundary

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: errorcode0x0002 - not-present page PGD 100000067...

CVE-2024-46721 apparmor: fix possible NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile-parent-dentsAAFSPROFDIR could be NULL only if its parent is made from createmissingancestors.. and 'ent-old' is NULL in aareplaceprofiles... In that case, it must return an...

CVE-2024-46721

CVE-2024-46721 covers a NULL-pointer dereference in the Linux kernel’s AppArmor path when creating profiles. The issue arises in aafs_create.constprop.0 within aa_replace_profiles, where profile->parent->dents[AAFS_PROF_DIR] could be NULL if the parent was created by __create_missing_ancest...

CVE-2024-46694 drm/amd/display: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of...

CVE-2024-46694 drm/amd/display: avoid using null object of framebuffer

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of...

SUSE CVE-2024-45028

In the Linux kernel, the following vulnerability has been resolved: mmc: mmctest: Fix NULL dereference on allocation failure If the "test-highmem = allocpages" allocation fails then calling freepagestest-highmem will result in a NULL dereference. Also change the error code to -ENOMEM instead of...

CVE-2024-45028

In the Linux kernel, the following vulnerability has been resolved: mmc: mmctest: Fix NULL dereference on allocation failure If the "test-highmem = allocpages" allocation fails then calling freepagestest-highmem will result in a NULL dereference. Also change the error code to -ENOMEM instead of...

UBUNTU-CVE-2024-45028

In the Linux kernel, the following vulnerability has been resolved: mmc: mmctest: Fix NULL dereference on allocation failure If the "test-highmem = allocpages" allocation fails then calling freepagestest-highmem will result in a NULL dereference. Also change the error code to -ENOMEM instead of...

CVE-2023-52900 nilfs2: fix general protection fault in nilfs_btree_insert()

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix general protection fault in nilfsbtreeinsert If nilfs2 reads a corrupted disk image and tries to reads a b-tree node block by calling nilfsbtreegetblock against an invalid virtual block address, it returns -ENOENT...

CVE-2024-43874 crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...

CVE-2024-42275

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

CVE-2024-42275

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

CVE-2024-42275

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

CVE-2024-42287 scsi: qla2xxx: Complete command early within lock

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c PF: supervisor read access in kernel mode PF:...

CVE-2023-52889 apparmor: Fix null pointer deref when receiving skb during sock creation

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets with secmark set while an ICMP raw socket is being created. SKCTXsk-label is updated in...

CVE-2024-42275 drm/client: Fix error code in drm_client_buffer_vmap_local()

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

CVE-2024-42275

In CVE-2024-42275, the Linux kernel’s drm/client path fixes an error code in drm_client_buffer_vmap_local() that previously returned success on a failure path, causing locking issues and an uninitialized map_copy in the caller. The vulnerability is resolved by the upstream kernel fix. No exploits...

CVE-2024-42275

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix error code in drmclientbuffervmaplocal This function accidentally returns zero/success on the failure path. It leads to locking issues and an uninitialized mapcopy in the caller...

DEBIAN-CVE-2024-42239

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...