CVE-2022-50849

In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat /proc/kcore /dev/null' on devices using pstore with the ram backend because kmapatomic assumes lowmem pages are accessible with va. Unable ...

UBUNTU-CVE-2022-50849

In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat /proc/kcore /dev/null' on devices using pstore with the ram backend because kmapatomic assumes lowmem pages are accessible with va. Unable ...

CVE-2023-54326 misc: pci_endpoint_test: Free IRQs before removing the device

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device In pciendpointtestremove, freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device memory already released,...

CVE-2023-54308

The CVE-2023-54308 issue affects the Linux kernel ALSA ymfpci: the removal of snd_card_ymfpci_remove() and the missing replacement of snd_card_new() with snd_devm_card_new() can leave resource cleanup incomplete when unloading the module, risking a kernel Oops due to a null page fault. Public rec...

CVE-2023-54308 ALSA: ymfpci: Create card with device-managed snd_devm_card_new()

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...

CVE-2023-54298 thermal: intel: quark_dts: fix error pointer dereference

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just return. Trying to free "socdts" will lead to an Oops...

CVE-2022-50879 objtool: Fix SEGFAULT

In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...

CVE-2022-50879 objtool: Fix SEGFAULT

In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...

CVE-2023-54263 drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpdirqlock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders...

CVE-2023-54258

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...

CVE-2023-54258 cifs: fix potential oops in cifs_oplock_break

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...

CVE-2023-54244 ACPI: EC: Fix oops when removing custom query handlers

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...

CVE-2023-54244 ACPI: EC: Fix oops when removing custom query handlers

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...

CVE-2023-54244

CVE-2023-54244 affects the Linux kernel ACPI EC subsystem. The issue occurs when removing custom ACPI query handlers, as the handler could still be used in the EC query workqueue after the module owning the callback was unloaded, leading to a kernel oops. The mitigation is to flush the EC query w...

CVE-2022-50849 pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP

In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat /proc/kcore /dev/null' on devices using pstore with the ram backend because kmapatomic assumes lowmem pages are accessible with va. Unable ...

CVE-2022-50849

In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat /proc/kcore /dev/null' on devices using pstore with the ram backend because kmapatomic assumes lowmem pages are accessible with va. Unable ...

CVE-2022-50849

CVE-2022-50849: In the Linux kernel, pstore ram-backend backends can trigger an oops when reading /proc/kcore due to kmap_atomic() assuming lowmem pages are addressable via __va(). The bug arises when vmap() is used without mapping the ramoops lowmem pages; read_kcore and aligned_vread can pass a...

CVE-2023-54233 ASoC: SOF: avoid a NULL dereference with unsupported widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...

CVE-2023-54220 serial: 8250: Fix oops for port->pm on uart_change_pm()

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port-pm on uartchangepm Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten seconds after unloading the driver. This happens...

Linux Distros Unpatched Vulnerability : CVE-2023-54233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then...