15 matches found
DEBIAN-CVE-2025-21998
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
SUSE CVE-2024-58084
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Fix missing read barrier in qcomscmgettzmempool Commit 2e4955167ec5 "firmware: qcom: scm: Fix scm and waitq completion variable initialization" introduced a write barrier in probe function to store global 'sc...
DEBIAN-CVE-2024-58084
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Fix missing read barrier in qcomscmgettzmempool Commit 2e4955167ec5 "firmware: qcom: scm: Fix scm and waitq completion variable initialization" introduced a write barrier in probe function to store global 'sc...
UBUNTU-CVE-2024-58084
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Fix missing read barrier in qcomscmgettzmempool Commit 2e4955167ec5 "firmware: qcom: scm: Fix scm and waitq completion variable initialization" introduced a write barrier in probe function to store global 'sc...
UBUNTU-CVE-2024-57852
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f "firmware: qcom: scm: fix a NULL-pointer dereference" makes it explicit that qcomscmgettzmempool can return NULL, therefore its users should handle this...
CVE-2024-57852 firmware: qcom: scm: smc: Handle missing SCM device
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f "firmware: qcom: scm: fix a NULL-pointer dereference" makes it explicit that qcomscmgettzmempool can return NULL, therefore its users should handle this...
CVE-2024-57852
CVE-2024-57852 affects the Linux kernel firmware: qcom: scm: smc handling of missing SCM device. The root cause is a NULL pointer dereference in qcom_scm_get_tzmem_pool(), which may return NULL and requires callers to handle it. The issue is addressed by the commit ca61d6836e6f, which makes the n...
SUSE CVE-2024-53069
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with scm being NULL the driver may not have been and will not be probed as there's no SCM entry in device-tree. Make sure we don't dereference a NU...
SUSE CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
DEBIAN-CVE-2024-46868
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set, then in the original code, we would hold onto the lock. That means that if we tried to set it later, then it would cause a deadlock. Drop...
SUSE CVE-2024-46692
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...
UBUNTU-CVE-2024-46692
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark getwqctx as atomic call Currently getwqctx is wrongly configured as a standard call. When two SMC calls are in sleep and one SMC wakes up, it calls getwqctx to resume the corresponding sleeping thread. B...
CVE-2024-35994
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix memory related IO errors and crashes It turns out that while the QSEECOM APPSEND command has specific fields for request and response buffers, uefisecapp expects them both to be in a single memory...
UBUNTU-CVE-2023-52684
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed...