Vulnerabilities > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-21 CVE-2024-47719 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN() overflows which corrupts the selected area range during allocation.
local
low complexity
linux CWE-787
7.8
2024-10-21 CVE-2024-47721 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading The handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't implemented, but driver expects number of handlers is NUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access.
local
low complexity
linux CWE-125
7.1
2024-10-09 CVE-2024-47670 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_xattr_find_entry() Add a paranoia check to make sure it doesn't stray beyond valid memory region containing ocfs2 xattr entries when scanning for a match.
local
low complexity
linux CWE-787
7.8
2024-10-09 CVE-2024-46871 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmub_notification_type.
local
low complexity
linux CWE-129
7.8
2024-10-09 CVE-2024-47659 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: smack: tcp: ipv4, fix incorrect labeling Currently, Smack mirrors the label of incoming tcp/ipv4 connections: when a label 'foo' connects to a label 'bar' with tcp/ipv4, 'foo' always gets 'foo' in returned ipv4 packets.
network
low complexity
linux
8.8
2024-09-27 CVE-2024-46804 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add array index check for hdcp ddc access [Why] Coverity reports OVERRUN warning.
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46811 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box [Why] Coverity reports OVERRUN warning.
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46812 Unspecified vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration [Why] Coverity reports Memory - illegal accesses. [How] Skip inactive planes.
local
low complexity
linux
7.8
2024-09-27 CVE-2024-46813 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is return when trying to access with out-of-bound index. This fixes 3 OVERRUN and 1 RESOURCE_LEAK issues reported by Coverity.
local
low complexity
linux CWE-129
7.8
2024-09-27 CVE-2024-46814 Improper Validation of Array Index vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN issues reported by Coverity.
local
low complexity
linux CWE-129
7.8