PT-2024-4008

Name of the Vulnerable Software and Affected Versions: Arm Mali GPU Kernel Driver versions r34p0 through r40p0 Valhall GPU Kernel Driver versions r34p0 through r40p0 Description: The issue is related to a Use-After-Free vulnerability in the Arm Mali GPU Kernel Driver, which can allow a local...

kernel: i2c: i801: Fix block process call transactions

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and once...

SUSE CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfdsuspendallprocesses to evict all processes on all devices, this call takes...

SUSE CVE-2024-36951

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: range check cp bad op exception interrupts Due to a CP interrupt bug, bad packet garbage exception codes are raised. Do a range check so that the debugger and runtime do not receive garbage codes. Update the user api ...

DEBIAN-CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...

SUSE CVE-2021-47551

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again In SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch already been called, the startcpsch will not be called since the...

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

kernel: net/mlx5e: fix memory leak in mlx5e_ptp_open

A flaw was found in the Linux kernel net/mlx5e Ethernet driver’s mlx5eptpopen function. When memory allocation via kvzallocnode or kvzalloc fails, previously allocated resources c or cparams were not properly freed, leading to a memory leak in the error path. An unprivileged local user interactin...

kernel: cxgb4: use-after-free in ch_flower_stats_cb()

A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flowerstatstimer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition...

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

CVE-2021-47272

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenario in which dwc3gadgetinit can fail: during during host - peripheral mode switch in dwc3setmode, and a pending gadget driver fails to...

UBUNTU-CVE-2021-47231

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: fix memory leak in mcbausb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS Analyzer Tool. The problem was in unfreed usbcoherent. In mcbausbstart 20 coherent buffers are allocated and there is...

The vulnerability of the qla2x00_els_dcmd_sp_free() function in the drivers/scsi/qla2xxx/qla_iocb.c module of the QLogic QLA2XXX Linux operating system kernel allows a attacker to cause a service failure or exert other effects.

The vulnerability of the qla2x00elsdcmdspfree function in the drivers/scsi/qla2xxx/qlaiocb.c module of the QLogic QLA2XXX Linux kernel driver is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service failure or have other...

The vulnerability of the dm_sw_fini() function in the drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c file of the amdgpu kernel driver for the Linux operating system, which allows a hacker to disclose protected information.

The vulnerability of the dmswfini function in the drivers/gpu/drm/amd/display/amdgpudm/amdgpudm.c file of the amdgpu kernel in the Linux operating system is related to a memory leak. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by...

The vulnerability of the Linux operating system’s Intel Hardware Feedback Interface driver allows attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the Intel Hardware Feedback Interface driver in the drivers/thermal/intel/intelhfi.c file of the Linux kernel is related to the improper use of a reserved buffer after resuming from sleep mode. Exploiting this vulnerability could allow an attacker to compromise the integrity...

The vulnerability of the wilc_netdev_cleanup() function in the drivers/net/wireless/microchip/wilc1000/netdev.c driver of the Atmel WILC1000 Linux operating system allows a hacker to cause a service failure.

The vulnerability of the wilcnetdevcleanup function in the drivers/net/wireless/microchip/wilc1000/netdev.c file of the Atmel WILC1000 Linux kernel driver is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the qla2x00_mem_alloc() function in the drivers/scsi/qla2xxx/qla_os.c module of the QLogic QLA2XXX kernel driver for the Linux operating system allows a hacker to cause service failure or exert other adverse effects.

The vulnerability of the qla2x00memalloc function in the drivers/scsi/qla2xxx/qlaos.c file of the QLogic QLA2XXX kernel in the Linux operating system is related to the reallocation of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service failure or...

PT-2024-22931 · Bluerisc · Bluerisc Windowsscope Cyber Forensics

Name of the Vulnerable Software and Affected Versions: BlueRiSC WindowsSCOPE Cyber Forensics versions prior to 3.3 Description: The issue is related to an improper DACL being applied to the device created by the briscKernelDriver.sys driver, allowing a local attacker to execute arbitrary code...

CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

CVE-2024-1395

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This...