5.5
CVE-2023-54087 - ubi: Fix possible null-ptr-deref in ubi_free_volume()
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubi_free_volume() It willl cause null-ptr-deref in the following case: uif_init() ubi_add_volume() cdev_add() -> if it fails, call kill_volumes() device_register() kill_volumes() ->β¦
0.0
CVE-2023-54059 - soc: mediatek: mtk-svs: Enable the IRQ later
In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset (like when is booted via kexec()), the peripheral might triger an IRQ before the data structures are initialised. [ 0.227710] Unable to handβ¦
5.5
CVE-2023-54045 - audit: fix possible soft lockup in __audit_inode_child()
In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child() Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && CONFIG_PREEMPTION=β¦
7.0
CVE-2023-54038 - Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link hci_connect_sco currently returns NULL when there is no link (i.e. when hci_conn_link() returns NULL). sco_connect() expects an ERR_PTR in case of any errβ¦
5.5
CVE-2023-54023 - btrfs: fix race between balance and cancel/pause
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between balance and cancel/pause Syzbot reported a panic that looks like this: assertion failed: fs_info->exclusive_operation == BTRFS_EXCLOP_BALANCE_PAUSED, in fs/btrfs/ioctl.c:465 ------------[ cut here ]--β¦
7.0
CVE-2023-54016 - wifi: ath12k: Fix memory leak in rx_desc and tx_desc
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak in rx_desc and tx_desc Currently when ath12k_dp_cc_desc_init() is called we allocate memory to rx_descs and tx_descs. In ath12k_dp_cc_cleanup(), during descriptor cleanup rx_descs and tx_descs memoryβ¦
5.5
CVE-2022-50733 - usb: idmouse: fix an uninit-value in idmouse_open
In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitialized. And the check β¦
7.0
CVE-2022-50721 - dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg The calling convention for pre_slave_sg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error oβ¦
0.0
CVE-2023-54151 - f2fs: Fix system crash due to lack of free space in LFS
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data β¦
5.5
CVE-2022-50702 - vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init()
In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() Inject fault while probing module, if device_register() fails in vdpasim_net_init() or vdpasim_blk_init(), but the refcount of kobject is not decreasβ¦