7.0
CVE-2022-50721 - dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg The calling convention for pre_slave_sg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error oβ¦
7.0
CVE-2022-50717 - nvmet-tcp: add bounds check on Transfer Tag
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmet_tcp_handle_h2c_data_pdu(), add a bounds check to avoid out-of-bounds access.
7.0
CVE-2022-50709 - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() syzbot is reporting uninit value at ath9k_htc_rx_msg() [1], for ioctl(USB_RAW_IOCTL_EP_WRITE) can call ath9k_hif_usb_rx_stream() with pkt_len = 0 but ath9k_hif_usb_rx_stβ¦
7.0
CVE-2022-50700 - wifi: ath10k: Delay the unmapping of the buffer
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a copy complete interrupt to the host driver while still processing the buffer that the driver has seβ¦
0.0
CVE-2023-54158 - btrfs: don't free qgroup space unless specified
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't free qgroup space unless specified Boris noticed in his simple quotas testing that he was getting a leak with Sweet Tea's change to subvol create that stopped doing a transaction commit. This was just a side effect β¦
0.0
CVE-2023-54140 - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that mark_buffer_dirty() called from __nilfs_mark_inode_dirty() or nilfs_palloc_commit_alloc_entry(β¦
7.0
CVE-2023-54136 - serial: sprd: Fix DMA buffer leak issue
In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak.
0.0
CVE-2023-54133 - nfp: clean mc addresses in application firmware when closing port
In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc addresses are remaβ¦
0.0
CVE-2023-54115 - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() When nonstatic_release_resource_db() frees all resources associated with an PCMCIA socket, it forgets to free socket_data too, causing a memory leak obserβ¦
5.5
CVE-2023-54114 - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()
In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() As the call trace shows, skb_panic was caused by wrong skb->mac_header in nsh_gso_segment(): invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 3 PID: 273β¦