21 matches found
GSD-2023-1000191 iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
iio: health: afe4404: Fix oob read in afe4404read|writeraw This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000190 libbpf: Handle size overflow for ringbuf mmap
libbpf: Handle size overflow for ringbuf mmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000189 hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000187 fm10k: Fix error handling in fm10k_init_module()
fm10k: Fix error handling in fm10kinitmodule This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000184 can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
can: mcan: pci: add missing mcanclassfreedev in probe/remove methods This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000182 net/mlx5e: Fix use-after-free when reverting termination table
net/mlx5e: Fix use-after-free when reverting termination table This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000181 wifi: cfg80211: don't allow multi-BSSID in S1G
wifi: cfg80211: don't allow multi-BSSID in S1G This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000179 net: phy: fix null-ptr-deref while probe() failed
net: phy: fix null-ptr-deref while probe failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000174 net: mdiobus: fix unbalanced node reference count
net: mdiobus: fix unbalanced node reference count This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000171 hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
hwmon: coretemp fix pci device refcount leak in nv1aramnew This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000170 hwmon: (coretemp) Check for null before removing sysfs attrs
hwmon: coretemp Check for null before removing sysfs attrs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000166 Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled
Kconfig.debug: provide a little extra FRAMEWARN leeway when KASAN is enabled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000165 riscv: Sync efi page table's kernel mappings before switching
riscv: Sync efi page table's kernel mappings before switching This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000163 riscv: fix race when vmap stack overflow
riscv: fix race when vmap stack overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
GSD-2023-1000160 ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
ipv4: Handle attempt to delete multipath route when fibinfo contains an nh reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by...
GSD-2023-1000157 char: tpm: Protect tpm_pm_suspend with locks
char: tpm: Protect tpmpmsuspend with locks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...
PT-2023-33256 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: A potential security issue exists due to a null pointer dereference when the probe function fails. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2023-33241 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: A bounds check issue in the ASoC: ops for sx controls has been identified. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions pri...
PT-2023-33249 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: A memory leak issue exists in the sctp stream outq migrate function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33261 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.82 Description: A potential security issue is identified in the Linux Kernel, related to the m can class free dev function in probe/remove methods. The actual impact and attack plausibility have not yet be...