Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2023-52687
crypto: safexcel - Add error handling for dma_map_sg() calls
Description: In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Add error handling for dma_map_sg() calls Macro dma_map_sg() may return 0 on error. This patch enables checks in case of the macro failure and ensures unmapping of previously mapped buffers with dma_unmap_sg(). Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE.

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52686
powerpc/powernv: Add a null pointer check in opal_event_init()
Description: In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.

EPSS Score: 0.04%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52684
firmware: qcom: qseecom: fix memory leaks in error paths
Description: In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed.

EPSS Score: 0.04%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52683
ACPI: LPIT: Avoid u32 multiplication overflow
Description: In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32(). Found by Linux Verification Center (linuxtesting.org) with SVACE.

EPSS Score: 0.04%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52682
f2fs: fix to wait on block writeback for post_read case
Description: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for post_read case If inode is compressed, but not encrypted, it missed to call f2fs_wait_on_block_writeback() to wait for GCed page writeback in IPU write path. Thread A GC-Thread - f2fs_gc - do_garbage_collect - gc_data_segment - move_data_block - f2fs_submit_page_write migrate normal cluster's block via meta_inode's page cache - f2fs_write_single_data_page - f2fs_do_write_data_page - f2fs_inplace_write_data - f2fs_submit_page_bio IRQ - f2fs_read_end_io IRQ old data overrides new data due to out-of-order GC and common IO. - f2fs_read_end_io

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52681
efivarfs: Free s_fs_info on unmount
Description: In the Linux kernel, the following vulnerability has been resolved: efivarfs: Free s_fs_info on unmount Now that we allocate a s_fs_info struct on fs context creation, we should ensure that we free it again when the superblock goes away.

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52680
ALSA: scarlett2: Add missing error checks to *_ctl_get()
Description: In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller.

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52679
of: Fix double free in of_parse_phandle_with_args_map
Description: In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map In of_parse_phandle_with_args_map() the inner loop that iterates through the map entries calls of_node_put(new) to free the reference acquired by the previous iteration of the inner loop. This assumes that the value of "new" is NULL on the first iteration of the inner loop. Make sure that this is true in all iterations of the outer loop by setting "new" to NULL after its value is assigned to "cur". Extend the unittest to detect the double free and add an additional test case that actually triggers this path.

EPSS Score: 0.04%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52678
drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c
Description: In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the below: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can 'gpu_link' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can 'iolink1' even be NULL? drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can 'iolink2' even be NULL?

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)

CVE-2023-52677
riscv: Check if the code to patch lies in the exit section
Description: In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloc_to_page() which panics since the address does not lie in the vmalloc region.

EPSS Score: 0.05%

Source: CVE
December 20th, 2024 (4 months ago)