Vulnerabilities > Linux > Linux Kernel > 4.3.3

DATE CVE VULNERABILITY TITLE RISK
2024-09-27 CVE-2024-46821 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDescriptor. V2: fix clk_index return check (Tim Huang)
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46822 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map back to the cpu and use that to index into a cpumask.
local
low complexity
linux CWE-476
5.5
2024-09-27 CVE-2024-46823 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the 'overflow_allocation_test' function scope.
local
low complexity
linux
5.5
2024-09-27 CVE-2024-46826 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read ELF loader uses "randomize_va_space" twice.
local
low complexity
linux
5.5
2024-09-27 CVE-2024-46827 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware crash due to invalid peer nss Currently, if the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, it triggers a firmware crash. This issue arises when EHT-PHY capabilities shows support for a bandwidth and MCS-NSS set for that particular bandwidth is filled by zeros and due to this, driver obtains peer_nss as 0 and sending this value to firmware causes crash. Address this issue by implementing a validation step for the peer_nss value before passing it to the firmware.
local
low complexity
linux
5.5
2024-09-27 CVE-2024-46829 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held.
local
low complexity
linux CWE-667
5.5
2024-09-27 CVE-2024-46832 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed This avoids warning: [ 0.118053] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:283 Caused by get_c0_compare_int on secondary CPU. We also skipped saving IRQ number to struct clock_event_device *cd as it's never used by clockevent core, as per comments it's only meant for "non CPU local devices".
local
low complexity
linux
5.5
2024-09-27 CVE-2024-46833 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnl_num When query reg inf of SSU, it loops tnl_num times.
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46834 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we can't get max channel used in indirection tables Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing ring count with active RSS contexts") proves that allowing indirection table to contain channels with out of bounds IDs may lead to crashes.
local
low complexity
linux
5.5
2024-09-27 CVE-2024-46835 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix smatch static checker warning adev->gfx.imu.funcs could be NULL
local
low complexity
linux CWE-476
5.5