4828 matches found
CVE-2024-56575 media: imx-jpeg: Ensure power suppliers be suspended before detach them
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, devpmdomaindetach requires the caller to ensure proper synchronization of this function...
CVE-2024-56575 media: imx-jpeg: Ensure power suppliers be suspended before detach them
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, devpmdomaindetach requires the caller to ensure proper synchronization of this function...
CVE-2024-56575
CVE-2024-56575 affects the Linux kernel component media: imx-jpeg. The issue is triggered when power suppliers are detached without proper synchronization with power management callbacks, risking kernel panic from a NULL-pointer dereference during dev_pm_domain_detach(). A fix ensures power suppl...
CVE-2024-56560 slab: Fix too strict alignment check in create_cache()
In the Linux kernel, the following vulnerability has been resolved: slab: Fix too strict alignment check in createcache On m68k, where the minimum alignment of unsigned long is 2 bytes: Kernel panic - not syncing: kmemcachecreateargs: Failed to create slab 'iokiocb'. Error -22 CPU: 0 UID: 0 PID: ...
DEBIAN-CVE-2024-53224
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-53224
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-53183
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
CVE-2024-53181
In the Linux kernel, the following vulnerability has been resolved: um: vector: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the vectordevice instance. Otherwise, removing a vector device will result in a crash: RIP:...
DEBIAN-CVE-2024-53183
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
CVE-2024-53224 RDMA/mlx5: Move events notifier registration to be after device registration
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-53224 RDMA/mlx5: Move events notifier registration to be after device registration
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-53224 RDMA/mlx5: Move events notifier registration to be after device registration
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events...
CVE-2024-53189 wifi: nl80211: fix bounds checker error in nl80211_parse_sched_scan
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix bounds checker error in nl80211parseschedscan The channels array in the cfg80211scanrequest has a countedby attribute attached to it, which points to the nchannels variable. This attribute is used in bounds...
CVE-2024-53184 um: ubd: Do not use drvdata in release
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xba RSP:...
CVE-2024-53183 um: net: Do not use drvdata in release
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
CVE-2024-53183 um: net: Do not use drvdata in release
In the Linux kernel, the following vulnerability has been resolved: um: net: Do not use drvdata in release The drvdata is not available in release. Let's just use containerof to get the umlnet instance. Otherwise, removing a network device will result in a crash: RIP:...
CVE-2024-53181
CVE-2024-53181 refers to a Linux kernel vulnerability where vector_device_release could crash due to using drvdata after release. The fix removes drvdata access in release and uses container_of() to obtain the vector_device instance, preventing a crash and kernel panic from a segfault. The issue ...
PT-2024-36865 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0 Description: The issue is related to a too strict alignment check in the create cache function, which can cause a kernel panic on certain systems, such as m68k, where the minimum alignment of unsigned lon...
PT-2024-36926 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc2-0.0.0-devel-00004-g8b1b79e88956 Description: A vulnerability in the Linux kernel has been resolved, related to the pmdomain: imx: gpcv2: Adjust delay after power up handshake. The udelay5 is not enoug...
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Threat Analysis Group TAG from Amnesty International. Amnesty’s report on these exploits is available here. Thanks to both Amnesty International and Google's...