In the Linux kernel, the following vulnerability has been resolved:
drm: Set old handle to NULL before prime swap in change_handle
There was a potential race condition in change_handle. The ioctl
br
In the Linux kernel, the following vulnerability has been resolved:
drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()
Since GEM bo handles are u32 in the uapi a
In the Linux kernel, the following vulnerability has been resolved:
drm/virtio: Fix GEM handle creation UAF
Userspace can guess the handle value and try to race GEM object creation
with handle close
In the Linux kernel, the following vulnerability has been resolved:
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
Since handle->h_transaction may be a NULL pointer, so we s
In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/prime: Use dma_buf from GEM object instance"
This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8.
The dma_bu
In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-dma: Use dma_buf from GEM object instance"
This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685.
The dma_
In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-shmem: Use dma_buf from GEM object instance"
This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11.
The dm
In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance"
This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065.
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Assign job pointer to NULL before signaling the fence
In commit e4b5ccd392b9 ("drm/v3d: Ensure job pointer is set to NULL
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix use-after-free race in VM acquire
Replace non-atomic vm->process_info assignment with cmpxchg()
to prevent race wh
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix nullptr err of vm_handle_moved
If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL.
So, such kin
In the Linux kernel, the following vulnerability has been resolved:
drm/panthor: Fix race condition when gathering fdinfo group samples
Commit e16635d88fa0 ("drm/panthor: add DRM fdinfo support") fa
In the Linux kernel, the following vulnerability has been resolved:
drm/lima: mask irqs in timeout path before hard reset
There is a race condition in which a rendering job might take just long
enou
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: check null pointer before accessing when swapping
Add a check to avoid null pointer dereference as below:
[ 90.002283]
In the Linux kernel, the following vulnerability has been resolved:
drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
Userspace can guess the id value and try to race oa_config object c
In the Linux kernel, the following vulnerability has been resolved:
drm/panthor: Fix race when converting group handle to group object
XArray provides it's own internal lock which protects the inter
In the Linux kernel, the following vulnerability has been resolved:
drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
drm_vblank_init() call drmm_add_action_or_reset() with
drm_vblank
In the Linux kernel, the following vulnerability has been resolved:
media: em28xx: fix use-after-free in em28xx_v4l2_open()
em28xx_v4l2_open() reads dev->v4l2 without holding dev->lock,
creating a r
In the Linux kernel, the following vulnerability has been resolved:
drm/panfrost: Fix GEM handle creation ref-counting
panfrost_gem_create_with_handle() previously returned a BO but with the
only re
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix race with concurrent opens in rename(2)
Besides sending the rename request to the server, the rename process
also
Page 1+ Next →