1233 matches found
GSD-2023-1000865 drm/i915/gvt: fix gvt debugfs destroy
drm/i915/gvt: fix gvt debugfs destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit ae9a61511736cc71a99f01e8b7b90f6fb6128ed...
GSD-2023-1000702 IB/mad: Don't call to function that might sleep while in atomic context
IB/mad: Don't call to function that might sleep while in atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000643 power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
power: supply: cw2015: Fix potential null-ptr-deref in cwbatprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000600 acct: fix potential integer overflow in encode_comp_t()
acct: fix potential integer overflow in encodecompt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000596 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000569 nvme-auth: don't override ctrl keys before validation
nvme-auth: don't override ctrl keys before validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000477 dm cache: Fix UAF in destroy()
dm cache: Fix UAF in destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit 6ac4f36910764cb510bafc4c3768544f86ca48ca, it was...
GSD-2023-1000317 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...
GSD-2023-1000214 af_unix: Get user_ns from in_skb in unix_diag_get_exact().
afunix: Get userns from inskb in unixdiaggetexact. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000208 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000046 net: mana: Fix race on per-CQ variable napi work_done
net: mana: Fix race on per-CQ variable napi workdone This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...
PT-2023-33938 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.87 Description: The issue is related to a crash caused by a flush request when blktrace is enabled, potentially affecting the nvme module. The actual impact and attack plausibility have not yet been proven...
PT-2023-34093 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to the bpf component in the Linux Kernel, specifically when redirecting to a tunneling device. It ensures that skb-len is not equal to 0. The actual impact and attack...
PT-2023-33860 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to preventing signed BPG offsets from bleeding into adjacent bits in the drm/msm/dsi component. The actual impact and attack plausibility have not yet been proven...
PT-2023-33154 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.12 Description: The issue is related to the asus-ec-sensors component in the Linux Kernel, specifically with the devm kcalloc function. The actual impact and attack plausibility have not yet been proven...
PT-2023-33350 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.24 through 5.4.226 Description: The issue is related to a potential security problem in the xen-netfront component. It was introduced in version v2.6.24 and fixed in version v5.4.227. The actual impact and attack...
PT-2023-33501 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: The issue is related to the VF promisc mode not being updated when the mac table is full. This problem was introduced in version v5.14 and is fixed in Linux Kernel version v6.0.19. The actua...
PT-2023-33374 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue provides a little extra FRAME WARN leeway when KASAN is enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
PT-2023-34393 · Libbpf · Libbpf
Name of the Vulnerable Software and Affected Versions: libbpf versions prior to v5.10.163 Description: The issue concerns enum forward-declarations in the public API when libbpf is used in C++ mode. It has been fixed in Linux Kernel version v5.10.163. Recommendations: For versions prior to...
PT-2023-33566 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue is related to the initialization process in the cpufreq component, where the completion of initialization occurs before the kobject init and add function is called. This problem wa...