CVE-2023-54305 ext4: refuse to create ea block when umounted

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

CVE-2023-54287 tty: serial: imx: disable Ageing Timer interrupt request irq

In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt request irq There maybe pending USR interrupt before requesting irq, however uartaddoneport has not executed, so there will be kernel panic: 0.795668 Unable to handle kernel NULL...

CVE-2023-54256

...

CVE-2023-54255

CVE-2023-54255 affects the Linux kernel with SH3/SH4/SH4A DMAC implementations. The vulnerability arises from incorrect DMA channel offset calculations when multiple DMA channels are distributed across up to two DMAC modules, which can trigger kernel panics. The described fix rewrites dma_base_ad...

CVE-2023-54253 btrfs: set page extent mapped after read_folio in relocate_one_page

In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after readfolio in relocateonepage One of the CI runs triggered the following panic assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...

CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVE-2022-50870 powerpc/rtas: avoid device tree lookups in rtas_os_term()

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...

CVE-2022-50870 powerpc/rtas: avoid device tree lookups in rtas_os_term()

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...

CVE-2022-50870

CVE-2022-50870: In the Linux kernel (powerpc RTAS), rtas_os_term() could hang during panic due to risky device-tree traversal when devtree_lock is held. The fix caches relevant RTAS/DT characteristics at boot and changes the ibm,extended-os-term lookup to a boolean property via of_property_read_b...

CVE-2022-50864 nilfs2: fix shift-out-of-bounds due to too large exponent of block size

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field slogblocksize of superblock data is corrupted and too large, initnilfs and loadnilfs still can trigger a shift-out-of-bounds warning followed by a...

CVE-2022-50864 nilfs2: fix shift-out-of-bounds due to too large exponent of block size

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds due to too large exponent of block size If field slogblocksize of superblock data is corrupted and too large, initnilfs and loadnilfs still can trigger a shift-out-of-bounds warning followed by a...

CVE-2022-50864

CVE-2022-50864 affects the Linux kernel nilfs2 where a corrupted s_log_block_size in the superblock could trigger a shift-out-of-bounds warning and kernel panic during init_nilfs() or load_nilfs(), due to a too-large exponent for a 32-bit int (exponent 38973). The issue has been resolved by addin...

UBUNTU-CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVE-2023-54237

CVE-2023-54237 affects the Linux kernel net/smc component. The root cause described across connected documents is that smc_llc_srv_add_link() could be invoked without proper protection, potentially allowing a second link to be added to a link group and thereby breaking the security environment pr...

CVE-2023-54237 net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...

CVE-2023-54237

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...

CVE-2023-54199

CVE-2023-54199 affects Linux kernel DRM/Adreno code. The issue is a null pointer dereference in adreno_gpu_cleanup() during driver bind/init (a6xx_gpu_init/adreno_bind path), leading to kernel Oops and a kernel panic. Public advisories confirm a fix has been applied in the kernel stack (adreno_gp...

CVE-2023-54199 drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix null ptr access in adrenogpucleanup Fix the below kernel panic due to null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem abort inf...

CVE-2023-54199 drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix null ptr access in adrenogpucleanup Fix the below kernel panic due to null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem abort inf...