5.5
CVE-2024-42087 - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
In the Linux kernel, the following vulnerability has been resolved: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep The ilitek-ili9881c controls the reset GPIO using the non-sleeping gpiod_set_value() function. This complains loudly when the GPIO controller needs to sleep…
5.5
CVE-2024-42080 - RDMA/restrack: Fix potential invalid address access
In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Fix potential invalid address access struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME in ib_create_cq(), while if the module exited but forgot del this rdma_restrack_entry, it would cause a invalid …
5.5
CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes In nv17_tv_get_ld_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a possible NULL pointer dereference on failure…
5.5
CVE-2024-41037 - ASoC: SOF: Intel: hda: fix null deref on system suspend entry
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DMA, this leads to ca…
3.3
CVE-2024-41027 - Fix userfaultfd_api to return EINVAL as expected
In the Linux kernel, the following vulnerability has been resolved: Fix userfaultfd_api to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config we fail silently and return all the available features. However, the man page indicates we should return an …
5.5
CVE-2024-42091 - drm/xe: Check pat.ops before dumping PAT settings
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Check pat.ops before dumping PAT settings We may leave pat.ops unset when running on brand new platform or when running as a VF. While the former is unlikely, the latter is valid (future) use case and will cause NPD when…
7.8
CVE-2024-42088 - ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai component and rework codec link") removed the codec entry for the ETDM1_OUT_BE dai link entirely in…
5.5
CVE-2024-41032 - mm: vmalloc: check if a hash-index is in cpu_possible_mask
In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask The problem is that there are systems where cpu_possible_mask has gaps between set CPUs, for example SPARC. In this scenario addr_to_vb_xa() hash function can return an …
8.7
CVE-2024-7173 - TOTOLINK A3600R cstecgi.cgi loginauth buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password/http_host leads to buffer overflow. The attack may be launched re…
8.7
CVE-2024-7172 - TOTOLINK A3600R getSaveConfig buffer overflow
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launc…