In the Linux kernel, the following vulnerability has been resolved:
tee: add overflow check in register_shm_helper()
With special lengths supplied by user space, register_shm_helper() has
an integer
In the Linux kernel, the following vulnerability has been resolved:
tee: fix register_shm_helper()
In register_shm_helper(), fix incorrect error handling for a call to
iov_iter_extract_pages(). A ca
In the Linux kernel, the following vulnerability has been resolved:
tee: fix NULL pointer dereference in tee_shm_put
tee_shm_put have NULL pointer dereference:
__optee_disable_shm_cache -->
shm =
In the Linux kernel, the following vulnerability has been resolved:
io_uring: check for overflows in io_pin_pages
WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Check for uptr overflow
syzkaller found that setting up a map with a user VA that wraps past zero
can trigger WARN_ONs, p
In the Linux kernel, the following vulnerability has been resolved:
x86/sgx: Add overflow check in sgx_validate_offset_length()
sgx_validate_offset_length() function verifies "offset" and "length"
a
In the Linux kernel, the following vulnerability has been resolved:
block: reject bs > ps block devices when THP is disabled
If THP is disabled and when a block device with logical block size >
page
In the Linux kernel, the following vulnerability has been resolved:
netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
ip6table_nat_table_init() accesses net->gen->ptr[i
In the Linux kernel, the following vulnerability has been resolved:
xsk: Add missing overflow check in xdp_umem_reg
The number of chunks can overflow u32. Make sure to return -EINVAL on
overflow. Al
In the Linux kernel, the following vulnerability has been resolved:
module: Fix kernel panic when a symbol st_shndx is out of bounds
The module loader doesn't check for bounds of the ELF section ind
In the Linux kernel, the following vulnerability has been resolved:
blk-throttle: fix access race during throttle policy activation
On repeated cold boots we occasionally hit a NULL pointer crash in
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: check null pointer before accessing when swapping
Add a check to avoid null pointer dereference as below:
[ 90.002283]
In the Linux kernel, the following vulnerability has been resolved:
io_uring: prevent reg-wait speculations
With *ENTER_EXT_ARG_REG instead of passing a user pointer with arguments
for the waiting l
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
Submitting a cs with 0 chunks, causes an oops later, found trying
to
In the Linux kernel, the following vulnerability has been resolved:
cgroup/dmem: fix NULL pointer dereference when setting max
An issue was triggered:
BUG: kernel NULL pointer dereference, address
In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Add check for get_zeroed_page()
Add check for the return value of get_zeroed_page() in
sclp_console_init() to prevent n
In the Linux kernel, the following vulnerability has been resolved:
uprobe: avoid out-of-bounds memory access of fetching args
Uprobe needs to fetch args into a percpu buffer, and then copy to ring
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Enhance sanity check while generating attr_list
ni_create_attr_list uses WARN_ON to catch error cases while generating
a
In the Linux kernel, the following vulnerability has been resolved:
drm/admgpu: fix dereferencing null pointer context
When user space sets an invalid ta type, the pointer context will be empty.
So
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios
A kernel crash was observed when replacing free
Page 1+ Next →