719 matches found
GSD-2023-1002396 net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
net/usb: kalmia: Don't pass actlen in usbbulkmsg error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...
GSD-2023-1002387 net: USB: Fix wrong-direction WARNING in plusb.c
net: USB: Fix wrong-direction WARNING in plusb.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.168 by commit...
GHSA-368X-WMMG-HQ5C Apollo has potential access control security issue in eureka
Impact If users expose the apollo-configservice to the internetwhich is not recommended, there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and...
GSD-2023-1002282 dmaengine: Fix double increment of client_count in dma_chan_get()
dmaengine: Fix double increment of clientcount in dmachanget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.305 by commit...
GSD-2023-1002279 tracing: Make sure trace_printk() can output as soon as it can be used
tracing: Make sure traceprintk can output as soon as it can be used This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.305 by commit...
GSD-2023-1002253 w1: fix WARNING after calling w1_process()
w1: fix WARNING after calling w1process This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.272 by commit...
GSD-2023-1002237 nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
nfc: pn533: Wait for outurb's completion in pn533usbsendframe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.229 by commit...
GSD-2023-1002180 btrfs: always report error in run_one_delayed_ref()
btrfs: always report error in runonedelayedref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.165 by commit...
GSD-2023-1002149 w1: fix WARNING after calling w1_process()
w1: fix WARNING after calling w1process This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...
GSD-2023-1002138 net/sched: sch_taprio: do not schedule in taprio_reset()
net/sched: schtaprio: do not schedule in taprioreset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...
GSD-2023-1002137 x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
x86/i8259: Mark legacy PIC interrupts with IRQLEVEL This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...
GSD-2023-1002136 perf/x86/amd: fix potential integer overflow on shift of a int
perf/x86/amd: fix potential integer overflow on shift of a int This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...
GSD-2023-1002078 net: mdio: validate parameter addr in mdiobus_get_phy()
net: mdio: validate parameter addr in mdiobusgetphy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...
GSD-2023-1002052 perf/x86/amd: fix potential integer overflow on shift of a int
perf/x86/amd: fix potential integer overflow on shift of a int This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...
GSD-2023-1002051 bpf: Skip task with pid=1 in send_signal_common()
bpf: Skip task with pid=1 in sendsignalcommon This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.92 by commit...
GSD-2023-1002041 squashfs: harden sanity check in squashfs_read_xattr_id_table
squashfs: harden sanity check in squashfsreadxattridtable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...
GSD-2023-1002029 mm/swapfile: add cond_resched() in get_swap_pages()
mm/swapfile: add condresched in getswappages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.93 by commit...
GSD-2023-1001986 efi: fix NULL-deref in init error path
efi: fix NULL-deref in init error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit adc96d30f6503d30dc68670c013716f1d9fcc747...
GSD-2023-1001951 HID: intel_ish-hid: Add check for ishtp_dma_tx_map
HID: intelish-hid: Add check for ishtpdmatxmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...
GSD-2023-1001948 EDAC/highbank: Fix memory leak in highbank_mc_probe()
EDAC/highbank: Fix memory leak in highbankmcprobe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...