5.5
CVE-2023-52750 - arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to matβ¦
7.8
CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound
In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with: #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1 failed to mmap with 12 (Cannot allocateβ¦
5.3
CVE-2021-47326 - kernel: x86/signal: Detect and prevent an alternate signal stack overflow
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.1
CVE-2023-52827 - wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() len is extracted from HTT message and could be an unexpected value in case errors happen, so add validation before using to avoid possible out-of-bound β¦
5.5
CVE-2023-52825 - drm/amdkfd: Fix a race condition of vram buffer unref in svm code
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange->svm_bo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svm_bo unref operatioβ¦
5.5
CVE-2021-47269 - usb: dwc3: ep0: fix NULL pointer exception
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3_wIndex_to_dep() and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewβ¦
4.4
CVE-2023-52793 - kernel: samples/bpf: syscall_tp_user: Fix array out-of-bound access
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.5
CVE-2021-47308 - scsi: libfc: Fix array index out of bound exception
In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix array index out of bound exception Fix array index out of bound exception in fc_rport_prli_resp().
5.5
CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. As supplied substream instance maβ¦
5.5
CVE-2021-47409 - usb: dwc2: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.