CVE-2024-36968

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...

CVE-2024-36968 Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...

CVE-2024-36968

CVE-2024-36968 (Linux kernel) : A Bluetooth L2CAP issue in the kernel could cause div-by-zero and integer overflow due to hdev->le_mtu potentially being out of range. The fix moves MTU validation from hci_dev to hci_conn, halting connection setup when MTU is invalid, and adds validation in rea...

SUSE CVE-2024-36014

In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidpmwconnectorreset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that mwstate is checked...

UBUNTU-CVE-2024-36014

In the Linux kernel, the following vulnerability has been resolved: drm/arm/malidp: fix a possible null pointer dereference In malidpmwconnectorreset, new memory is allocated with kzalloc, but no check is performed. In order to prevent null pointer dereferencing, ensure that mwstate is checked...

DEBIAN-CVE-2021-47451

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: fix panic that occurs when timertype has garbage value Currently, when the rule related to IDLETIMER is added, idletimertg timer structure is initialized by kmalloc on executing idletimertgcreate function...

CVE-2021-47451

CVE-2021-47451 relates to a Linux kernel netfilter xt_IDLETIMER panic caused by idletimer_tg.timer_type containing garbage values when a rule is added. The fixed version initializes timer_type with kzalloc instead of kmalloc to prevent the NULL/D garbage read that leads to a kernel panic. Public ...

CVE-2021-47250

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...

CVE-2021-47250

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlblcipsov4addstd Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 size 64: comm "syz-executor842", pid 360, jiffies 4294824824 age 22.546s hex dump first 32 bytes: 00...

SUSE CVE-2024-35886

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

SUSE CVE-2024-35972

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...

AZL-42204 CVE-2024-35972 affecting package kernel for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...

UBUNTU-CVE-2024-35972

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible memory leak in bnxtrdmaauxdeviceinit If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned and the cleanup path will not be able to free it. Fix it by assigning it properly...

DEBIAN-CVE-2024-35886

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

UBUNTU-CVE-2024-35886

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6dumpdone. syzkaller reported infinite recursive calls of fib6dumpdone during netlink socket destruction. 1 From the log, syzkaller sent an AFUNSPEC RTMGETROUTE message, and then the response wa...

DEBIAN-CVE-2024-27048

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...

CVE-2024-27048

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...

CVE-2024-27048

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmkop allocation failure The kzalloc in brcmfpmksav3op will return null if the physical memory has run out. As a result, if we dereference the null value, the null pointer dereference bug will happen. Retu...

UBUNTU-CVE-2024-26964

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhcimapurbfordma Currently xhcimapurbfordma creates a temporary buffer and copies the SG list to the new linear buffer. But if the kzallocnode fails, then the following sgpcopytobuffer can lead to...

PT-2024-29757

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved by adding a NULL pointer check for kzalloc in the drm/amd/display module. The issue was addressed by checking the return pointer of...