192 matches found
GSD-2023-1001917 bnxt: Do not read past the end of test names
bnxt: Do not read past the end of test names This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...
GSD-2023-1001906 drm/drm_vma_manager: Add drm_vma_node_allow_once()
drm/drmvmamanager: Add drmvmanodeallowonce This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...
GSD-2023-1001739 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.90 by commit...
GSD-2023-1001730 io_uring/poll: add hash if ready poll request can't complete inline
iouring/poll: add hash if ready poll request can't complete inline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
GSD-2023-1001700 net/mlx5: Fix command stats access after free
net/mlx5: Fix command stats access after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
PT-2023-34751 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue concerns the handling of PTE markers in the hugetlb change protection function. It was introduced in version v5.19 and fixed in version v6.1.8. The actual impact and attack...
PT-2023-34853 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: A use-after-free race condition issue exists in the fastrpc component for maps. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v5....
GSD-2023-1001191 platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
platform/x86: mxm-wmi: fix memleak in mxmwmicallmxds|mx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1001064 i2c: mux: reg: check return value after calling platform_get_resource()
i2c: mux: reg: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000865 drm/i915/gvt: fix gvt debugfs destroy
drm/i915/gvt: fix gvt debugfs destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit ae9a61511736cc71a99f01e8b7b90f6fb6128ed...
GSD-2023-1000702 IB/mad: Don't call to function that might sleep while in atomic context
IB/mad: Don't call to function that might sleep while in atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000643 power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe()
power: supply: cw2015: Fix potential null-ptr-deref in cwbatprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000600 acct: fix potential integer overflow in encode_comp_t()
acct: fix potential integer overflow in encodecompt This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000596 brcmfmac: return error when getting invalid max_flowrings from dongle
brcmfmac: return error when getting invalid maxflowrings from dongle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000569 nvme-auth: don't override ctrl keys before validation
nvme-auth: don't override ctrl keys before validation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000477 dm cache: Fix UAF in destroy()
dm cache: Fix UAF in destroy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit 6ac4f36910764cb510bafc4c3768544f86ca48ca, it was...
GSD-2023-1000317 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
net: hisilicon: Fix potential use-after-free in hisifemacrx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...
GSD-2023-1000214 af_unix: Get user_ns from in_skb in unix_diag_get_exact().
afunix: Get userns from inskb in unixdiaggetexact. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by commit...
GSD-2023-1000046 net: mana: Fix race on per-CQ variable napi work_done
net: mana: Fix race on per-CQ variable napi workdone This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...
PT-2023-33115 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.12 through v6.0.12 Description: The issue concerns a NULL pointer dereference in the can rcv filter function. This problem was introduced in version v5.12 and is fixed in version v6.0.13. The actual impact and potenti...