GSD-2022-1006194 loop: Check for overflow while configuring loop

loop: Check for overflow while configuring loop This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.292 by commit...

GSD-2022-1006127 tee: add overflow check in register_shm_helper()

tee: add overflow check in registershmhelper This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...

GSD-2022-1006034 drm/msm/mdp5: Fix global state lock backoff

drm/msm/mdp5: Fix global state lock backoff This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005961 um: add "noreboot" command line option for PANIC_TIMEOUT=-1 setups

um: add "noreboot" command line option for PANICTIMEOUT=-1 setups This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.211 by commit...

GSD-2022-1005802 can: j1939: j1939_session_destroy(): fix memory leak of skbs

can: j1939: j1939sessiondestroy: fix memory leak of skbs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.138 by commit...

GSD-2022-1005727 net/af_packet: check len when min_header_len equals to 0

net/afpacket: check len when minheaderlen equals to 0 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.141 by commit...

GSD-2022-1005608 mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset

mtd: parsers: ofpart: Fix refcount leak in bcm4908partitionsfwoffset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...

PT-2022-34216 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue concerns a potential security problem with the ext4 file system, specifically related to handling corrupted directories. The actual impact and likelihood of an attack have not bee...

PT-2022-34175 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.137 Description: The issue is related to a warning in the isl29028 remove function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2022-33839 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to a potential security vulnerability in the jbd2 module of the Linux Kernel. The problem arises when a journal is aborted, leading to an assertion failure. The actual...

PT-2022-33848 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: A potential memory leak was identified in the qedr alloc mr function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

GSD-2022-1005055 ice: xsk: prohibit usage of non-balanced queue id

ice: xsk: prohibit usage of non-balanced queue id This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...

GSD-2022-1004978 Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag

Input: iforce - wake up after clearing IFORCEXMITRUNNING flag This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

GSD-2022-1004972 vt: Clear selection before changing the font

vt: Clear selection before changing the font This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

GSD-2022-1004963 tty: n_gsm: avoid call of sleeping functions from atomic context

tty: ngsm: avoid call of sleeping functions from atomic context This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

PT-2022-33368 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.18 through 5.19.3 Description: The issue is related to preventing underflow when computing packet sizes in the drm/sun4i dsi component. The actual impact and attack plausibility have not yet been proven. Recommendation...

PT-2022-33342 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue is related to the ext4 file system, where a block range must be validated before use in the ext4 mb clear bb function. The actual impact and attack plausibility have not yet been...

PT-2022-33493 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.2 Description: The issue is related to the cdns3 gadget driver in the Linux Kernel. It involves the assignment of 'priv ep' in the cdns3 gadget ep dequeue and cdns3 gadget ep enable functions. The actual...

PT-2022-33639 · Linux · Kvm

Name of the Vulnerable Software and Affected Versions: KVM versions prior to v5.19.2 Description: The issue concerns the nVMX snapshot pre-VM-Enter BNDCFGS for the !nested run pending case. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to...

GSD-2022-1004926 xen/netfront: force data bouncing when backend is untrusted

xen/netfront: force data bouncing when backend is untrusted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.322 by commit...