deb package

ubuntu/linux-oem-6.5

pkg:deb/ubuntu/linux-oem-6.5

Vulnerabilities (122)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2023-52486		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from
CVE-2024-26607		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 29, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066]
CVE-2023-52473		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently de
CVE-2023-52472		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
CVE-2023-52470		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.
CVE-2023-52469		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t
CVE-2023-52468		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in class_register() The lock_class_key is still registered and can be found in lock_keys_hash hlist after subsys_private is freed in error handler path.A task who iterate over the lock
CVE-2023-52467		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52465		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 25, 2024	In the Linux kernel, the following vulnerability has been resolved: power: supply: Fix null pointer dereference in smb2_probe devm_kasprintf and devm_kzalloc return a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52458	Med	5.5	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th
CVE-2024-26598		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DI
CVE-2024-26595		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer
CVE-2023-52464		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx
CVE-2023-52463		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
CVE-2023-52462		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot_type[BPF_REG_SIZE - 1] (plus potentially few more below it, depending on actual
CVE-2023-52457		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return
CVE-2023-52456		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th
CVE-2023-52455		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then
CVE-2023-52454		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel
CVE-2023-52453		—	< 6.5.0-1022.23	6.5.0-1022.23	Feb 23, 2024	In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume When the optional PRE_COPY support was added to speed up the device compatibility check, it failed to update the saving/resuming data

CVE-2023-52486Feb 29, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from
CVE-2024-26607Feb 29, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066]
CVE-2023-52473Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips() returns an error, the tz variable is set to NULL and subsequently de
CVE-2023-52472Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail in
CVE-2023-52470Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.
CVE-2023-52469Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_table frees adev->pm.dpm.ps that allocated before. However, after the control flow goes t
CVE-2023-52468Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in class_register() The lock_class_key is still registered and can be found in lock_keys_hash hlist after subsys_private is freed in error handler path.A task who iterate over the lock
CVE-2023-52467Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52465Feb 25, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: power: supply: Fix null pointer dereference in smb2_probe devm_kasprintf and devm_kzalloc return a pointer to dynamically allocated memory which can be NULL upon failure.
CVE-2023-52458MedFeb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If th
CVE-2024-26598Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DI
CVE-2024-26595Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer
CVE-2023-52464Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx
CVE-2023-52463Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: efivarfs: force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware we never assign a callback for that function. At the same time mount the efivarfs as
CVE-2023-52462Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot_type[BPF_REG_SIZE - 1] (plus potentially few more below it, depending on actual
CVE-2023-52457Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit the little helpful error message: remove callback return
CVE-2023-52456Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver TX_EN pin. When the TTY port is closed in th
CVE-2023-52455Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, their address and size are 0 in "iommu-addresses" property. If IOVA region is reserved with 0 length, then
CVE-2023-52454Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). Unable to handle kernel
CVE-2023-52453Feb 23, 2024
affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume When the optional PRE_COPY support was added to speed up the device compatibility check, it failed to update the saving/resuming data

Page 5 of 7