6 matches found
SUSE CVE-2021-42327
dplinksettingswrite in drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parsewritebufferintoparam...
UVI-2021-1001910 dm: fix mempool NULL pointer race when completing IO
dm: fix mempool NULL pointer race when completing IO This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
GSD-2021-1001903 mlxsw: thermal: Fix out-of-bounds memory accesses
mlxsw: thermal: Fix out-of-bounds memory accesses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
GSD-2021-1001902 NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
NFC: digital: fix possible memory leak in digitalinsendsddreq This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
GSD-2021-1001896 mptcp: fix possible stall on recvmsg()
mptcp: fix possible stall on recvmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit 1a4554e94f0deff9fc1dc5addf93fa579cc29711...
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.
...