Vulnerabilities > Linux > Linux Kernel > 4.12.13

DATE CVE VULNERABILITY TITLE RISK
2024-10-09 CVE-2024-46870 Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 [Why] DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS, but with IPS this could lead to a race condition where we attempt to access DCN state while it's inaccessible, leading to a system hang when the NIU port is not disabled or register accesses that timeout and the display configuration in an undefined state. [How] We need to investigate why these accesses take longer than expected, but for now we should disable the timeout on DCN35 to avoid this race condition.
local
high complexity
linux CWE-362
4.7
2024-10-09 CVE-2024-46871 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type.
local
low complexity
linux CWE-129
7.8
2024-10-09 CVE-2024-47658 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: crypto: stm32/cryp - call finalize with bh disabled The finalize operation in interrupt mode produce a produces a spinlock recursion warning.
local
low complexity
linux
5.5
2024-10-09 CVE-2024-47659 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets.
network
low complexity
linux
8.8
2024-10-09 CVE-2024-47660 Race Condition vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time.
local
high complexity
linux CWE-362
4.7
2024-09-27 CVE-2024-46802 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dc_validate_stream [Why] prevent invalid memory access [How] check if dc and stream are NULL
local
low complexity
linux CWE-476
5.5
2024-09-27 CVE-2024-46803 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Check debug trap enable before write dbg_ev_file In interrupt context, write dbg_ev_file will be run by work queue.
local
low complexity
linux CWE-476
5.5
2024-09-27 CVE-2024-46804 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning.
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46805 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive Check the amdgpu_hive_info *hive that maybe is NULL.
local
low complexity
linux CWE-476
5.5
2024-09-27 CVE-2024-46806 Divide By Zero vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero Checks the partition mode and returns an error for an invalid mode.
local
low complexity
linux CWE-369
5.5