CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...

DEBIAN-CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...

UBUNTU-CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...

CVE-2024-53133 drm/amd/display: Handle dml allocation failure to avoid crash

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dcstatecopyinternal would...

CVE-2024-53128 sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers

In the Linux kernel, the following vulnerability has been resolved: sched/taskstack: fix objectisonstack for KASAN tagged pointers When CONFIGKASANSWTAGS and CONFIGKASANSTACK are enabled, the objectisonstack function may produce incorrect results due to the presence of tags in the obj pointer,...

CVE-2024-53128

The CVE-2024-53128 issue is in the Linux kernel’s sched/task_stack path: when CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, object_is_on_stack() may yield incorrect results because tagged pointers in the object could differ from the untagged stack pointer. The result can trigger warnin...

kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()

An out-of-bounds read vulnerability was found in the SCSI Enclosure Services SES driver in the Linux kernel. The sesenclosuredataprocess function lacks proper bounds checking when processing additional descriptor pointers, allowing reads beyond allocated slab memory when handling malformed...

PT-2024-40952 · Pprof · Pprof

Name of the Vulnerable Software and Affected Versions: pprof versions prior to 0.14.0 Description: The issue arises from the unsafe usage of the std::slice::from raw parts API, specifically in the TempFdArrayIterator.next function and when validating addresses with type c void. This can lead to t...

PT-2024-25081 · Qualcomm · Qualcomm Snapdragon Auto To Xr2 5G Platform

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto to XR2 5G Platform affected versions not specified Description: The issue involves memory corruption when analyzing sensor packets in the camera driver. A user-space variable is used while allocating memory in the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that tlsgetctx may return invalid pointers...

SUSE CVE-2024-53078

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs ISERR check in probe The iommupagingdomainalloc function doesn't return NULL pointers, it returns error pointers. Update the check to match...

UBUNTU-CVE-2024-53078

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs ISERR check in probe The iommupagingdomainalloc function doesn't return NULL pointers, it returns error pointers. Update the check to match...

CVE-2024-53078 drm/tegra: Fix NULL vs IS_ERR() check in probe()

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs ISERR check in probe The iommupagingdomainalloc function doesn't return NULL pointers, it returns error pointers. Update the check to match...

CVE-2024-53078 drm/tegra: Fix NULL vs IS_ERR() check in probe()

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix NULL vs ISERR check in probe The iommupagingdomainalloc function doesn't return NULL pointers, it returns error pointers. Update the check to match...

CVE-2024-50293

Technical details about CVE-2024-50293 (net/smc dangling sk in __smc_create) are not publicly provided in the supplied documents. Monitor for updates from official advisories.

Cesanta Mongoose Web Server 安全漏洞

Cesanta Mongoose Web Server is a cross-platform embedded server and web library written in C from Cesanta Ireland. A security vulnerability exists in Cesanta Mongoose Web Server version v7.14, which stems from the presence of out-of-range pointer offsets that allow an attacker to send unexpected...

Cesanta Mongoose Web Server 安全漏洞

Cesanta Mongoose Web Server is a cross-platform embedded server and web library written in C from Cesanta Ireland. A security vulnerability exists in Cesanta Mongoose Web Server version v7.14, which stems from the presence of out-of-range pointer offsets, allowing an attacker to send unexpected T...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too bsc1226797. CVE-2024-41031: mm/filemap: skip to create PMD-sized page cac...

drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs

...

AMD NPU driver 安全漏洞

AMD NPU driver is a driver for an NPU module from UltraMicroelectronics AMD. A security vulnerability exists in AMD NPU driver that stems from incorrect input validation. An attacker exploiting the vulnerability could provide specially crafted pointers that could lead to arbitrary code execution...