CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

CVE-2024-26866 spi: lpspi: Avoid potential use-after-free in probe()

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsllpspiprobe is allocating/disposing memory manually with spiallochost/spialloctarget, but uses devmspiregistercontroller. In case of error after the latter call the memory wil...

CVE-2024-26855 net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()

In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in icebridgesetlink The function icebridgesetlink may encounter a NULL pointer dereference if nlmsgfindattr returns NULL and brspec is dereferenced subsequently in nlaforeachnested...

CVE-2024-26700

CV E-2024-26700 is a Linux kernel issue: drm/amd/display had a fix to prevent MST null-pointer dereference on RV platforms. The crash trace shows a NULL pointer dereference in drm_dp_atomic_find_time_slots during DP MST time-slot calculation, leading to a kernel oops. Affected code path involves ...

CVE-2024-26700 drm/amd/display: Fix MST Null Ptr for RV

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm:...

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AFXDP ZC enabled queues in bitmap Commit c7a219048e45 "ice: Remove xskbuffpool from VSI structure" silently introduced a regression and broke the Tx side of AFXDP in copy mode. xskpool on icering is set only based on t...

CVE-2024-26615

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2023-52489

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

PT-2024-4107 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8.0-rc6+ Description: The vulnerability is related to the SUNRPC module in the Linux kernel, specifically with the TCP TLS functionality. A missing rpc stat for TCP TLS can cause a kernel NULL pointer...

CVE-2023-52523

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject skmsg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an skmsg program user can steer messages sent from one TCP socket s1 to actually egress from another TCP socket s2: tcpbpfsendmsgs1 //...

CVE-2023-52568 x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race The SGX EPC reclaimer ksgxd may reclaim the SECS EPC page for an enclave and set secs.epcpage to NULL. The SECS page is used for EAUG and ELDU in the SGX page fault...

CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...

CVE-2023-52489 mm/sparsemem: fix race in accessing memory_section->usage

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that ZONENORMAL ZONEDEVICE ZONENORMAL...

CVE-2023-52477

In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev-bos without checking if it was allocated and initialized. If...

CVE-2024-26591

CVE-2024-26591: Linux kernel vulnerability in bpf_tracing_prog_attach can crash with NULL pointer dereference due to missing attach_btf when attaching tracing programs (rawtp/fentry chain). The issue arises in a sequence of loading a rawtp program, loading an fentry with rawtp as target, creating...

NVIDIA GPU Display Driver Security Vulnerability

NVIDIA GPU Display Driver is a driver from NVIDIA Corporation that is used to provide interactive support for graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver, which stems from a vulnerability in the kernel layer, where a null pointe...

NVIDIA GPU Display Driver Security Vulnerability

NVIDIA GPU Display Driver is a driver from NVIDIA Corporation for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver, which stems from a flaw in the kernel layer that could cause a null pointer dereference by an...

OESA-2023-1437 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb-cb initialization in the ipvlan network...

UBUNTU-CVE-2023-0190

NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a NULL pointer dereference may lead to denial of service...