Certain HP Enterprise LaserJet MFP Products – Potential Buffer Overflow, Remote Code Execution

A potential security vulnerability has been identified for certain HP multifunction printers MFPs. The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. Update the printer firmware...

GSD-2023-1002418 net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path

net/usb: kalmia: Don't pass actlen in usbbulkmsg error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.306 by commit...

GSD-2023-1002279 tracing: Make sure trace_printk() can output as soon as it can be used

tracing: Make sure traceprintk can output as soon as it can be used This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.305 by commit...

GSD-2023-1002138 net/sched: sch_taprio: do not schedule in taprio_reset()

net/sched: schtaprio: do not schedule in taprioreset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...

GSD-2023-1002136 perf/x86/amd: fix potential integer overflow on shift of a int

perf/x86/amd: fix potential integer overflow on shift of a int This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...

GSD-2023-1002052 perf/x86/amd: fix potential integer overflow on shift of a int

perf/x86/amd: fix potential integer overflow on shift of a int This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...

GSD-2023-1002029 mm/swapfile: add cond_resched() in get_swap_pages()

mm/swapfile: add condresched in getswappages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...

GSD-2023-1001878 block: ublk: extending queue_size to fix overflow

block: ublk: extending queuesize to fix overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...

GSD-2023-1001792 powerpc/imc-pmu: Fix use of mutex in IRQs disabled section

powerpc/imc-pmu: Fix use of mutex in IRQs disabled section This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.164 by commit...

GSD-2023-1001358 video: hyperv_fb: Avoid taking busy spinlock on panic path

video: hypervfb: Avoid taking busy spinlock on panic path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001338 wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()

wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001291 cpufreq: Init completion before kobject_init_and_add()

cpufreq: Init completion before kobjectinitandadd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001226 arm64: mm: kfence: only handle translation faults

arm64: mm: kfence: only handle translation faults This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001008 s390/netiucv: Fix return type of netiucv_tx()

s390/netiucv: Fix return type of netiucvtx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000992 ASoC: rt5670: Remove unbalanced pm_runtime_put()

ASoC: rt5670: Remove unbalanced pmruntimeput This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000935 dm thin: Use last transaction's pmd->root when commit failed

dm thin: Use last transaction's pmd-root when commit failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

GSD-2023-1000792 media: i2c: ov5648: Free V4L2 fwnode data on unbind

media: i2c: ov5648: Free V4L2 fwnode data on unbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000725 mmc: omap_hsmmc: fix return value check of mmc_add_host()

mmc: omaphsmmc: fix return value check of mmcaddhost This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000678 class: fix possible memory leak in __class_register()

class: fix possible memory leak in classregister This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000590 drm/rockchip: use pm_runtime_resume_and_get() instead of pm_runtime_get_sync()

drm/rockchip: use pmruntimeresumeandget instead of pmruntimegetsync This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...