4 matches found
CVE-2024-26926
CVE-2024-26926 : The Linux kernel vulnerability concerns the binder subsystem. After commit 6d98eb95, an offset alignment check was removed from binder_alloc_copy_from_buffer()/check_buffer(), and answers were copied in binder_get_object() via copy_from_user(), which now requires an explicit offs...
CVE-2024-46740
CVE-2024-46740 affects the Linux kernel binder subsystem. The issue arises when copying raw data between binder objects during transactions: there is no bounds check for data outside the target data section, so excess raw data can overwrite the offsets section. This can corrupt object indices dur...
CVE-2022-48987
CVE-2022-48987 affects the Linux kernel in media: v4l2-dv-timings.c. The issue was a misapplied blanking sanity check: when userspace supplies only a total blanking value, the total could be assigned to front porch, backporch, or sync fields, causing an overflow check to fail. The fix adds maximu...
CVE-2023-53590
CVE-2023-53590 affects the Linux kernel SCTP scheduler code. The root cause was a missing reference counter in sctp_stream_priorities, which could cause a nested loop when freeing a stream priority (potential heavy CPU usage). The advisory notes that a refcnt is now added in sctp_stream_prioritie...