1234 matches found
GSD-2023-1001064 i2c: mux: reg: check return value after calling platform_get_resource()
i2c: mux: reg: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000865 drm/i915/gvt: fix gvt debugfs destroy
drm/i915/gvt: fix gvt debugfs destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit ae9a61511736cc71a99f01e8b7b90f6fb6128ed...
GSD-2023-1000702 IB/mad: Don't call to function that might sleep while in atomic context
IB/mad: Don't call to function that might sleep while in atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000643 power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
power: supply: cw2015: Fix potential null-ptr-deref in cwbatprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000600 acct: fix potential integer overflow in encode_comp_t()
acct: fix potential integer overflow in encodecompt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000596 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000569 nvme-auth: don't override ctrl keys before validation
nvme-auth: don't override ctrl keys before validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000477 dm cache: Fix UAF in destroy()
dm cache: Fix UAF in destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit 6ac4f36910764cb510bafc4c3768544f86ca48ca, it was...
GSD-2023-1000317 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...
GSD-2023-1000214 af_unix: Get user_ns from in_skb in unix_diag_get_exact().
afunix: Get userns from inskb in unixdiaggetexact. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000208 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000046 net: mana: Fix race on per-CQ variable napi work_done
net: mana: Fix race on per-CQ variable napi workdone This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...
PT-2023-34093 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to the bpf component in the Linux Kernel, specifically when redirecting to a tunneling device. It ensures that skb-len is not equal to 0. The actual impact and attack...
PT-2023-33154 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to the asus-ec-sensors component in the Linux Kernel, specifically with the devm kcalloc function. The actual impact and attack plausibility have not yet been proven...
PT-2023-33115 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.12 through v6.0.12 Description: The issue concerns a NULL pointer dereference in the can rcv filter function. This problem was introduced in version v5.12 and is fixed in version v6.0.13. The actual impact and potenti...
PT-2023-33501 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: The issue is related to the VF promisc mode not being updated when the mac table is full. This problem was introduced in version v5.14 and is fixed in Linux Kernel version v6.0.19. The actua...
PT-2023-33087 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.15 Description: The issue is related to the addition of a sentinel to the quirks table in the PCI mt7621 driver. It was introduced in version v5.5 and fixed in version v6.0.15. The actual impact and attack...
PT-2023-33350 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.24 through 5.4.226 Description: The issue is related to a potential security problem in the xen-netfront component. It was introduced in version v2.6.24 and fixed in version v5.4.227. The actual impact and attack...
PT-2023-33860 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to preventing signed BPG offsets from bleeding into adjacent bits in the drm/msm/dsi component. The actual impact and attack plausibility have not yet been proven...
PT-2023-33374 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue provides a little extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...