Количество 18
Количество 18
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
soundwire: cadence: fix invalid PDI offset
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: s ...
GHSA-fgg4-8h2g-hcc2
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
BDU:2025-04184
Уязвимость компонента cadence_master.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20250113-05
Множественные уязвимости kernel-lt
ELSA-2024-12585
ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12584
ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12581
ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2024:2394-1
Security update for the Linux Kernel
SUSE-SU-2024:2372-1
Security update for the Linux Kernel
SUSE-SU-2024:2571-1
Security update for the Linux Kernel
SUSE-SU-2024:2896-1
Security update for the Linux Kernel
ELSA-2024-9315
ELSA-2024-9315: kernel security update (MODERATE)
SUSE-SU-2024:2939-1
Security update for the Linux Kernel
SUSE-SU-2024:2973-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | CVSS3: 7.1 | 0% Низкий | около 2 лет назад |
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | CVSS3: 4.4 | 0% Низкий | около 2 лет назад |
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | CVSS3: 7.1 | 0% Низкий | около 2 лет назад |
 | CVE-2024-38635 soundwire: cadence: fix invalid PDI offset | 0% Низкий | 29 дней назад | |
| CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: s ... | CVSS3: 7.1 | 0% Низкий | около 2 лет назад |
| GHSA-fgg4-8h2g-hcc2 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | CVSS3: 7.1 | 0% Низкий | около 2 лет назад |
 | BDU:2025-04184 Уязвимость компонента cadence_master.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.5 | 0% Низкий | около 2 лет назад |
 | ROS-20250113-05 Множественные уязвимости kernel-lt | CVSS3: 9.8 | больше 1 года назад | |
| ELSA-2024-12585 ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2024-12584 ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT) | почти 2 года назад | ||
| ELSA-2024-12581 ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT) | почти 2 года назад | ||
 | SUSE-SU-2024:2394-1 Security update for the Linux Kernel | почти 2 года назад | ||
| SUSE-SU-2024:2372-1 Security update for the Linux Kernel | почти 2 года назад | ||
| SUSE-SU-2024:2571-1 Security update for the Linux Kernel | почти 2 года назад | ||
| SUSE-SU-2024:2896-1 Security update for the Linux Kernel | почти 2 года назад | ||
| ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE) | больше 1 года назад | ||
| SUSE-SU-2024:2939-1 Security update for the Linux Kernel | почти 2 года назад | ||
| SUSE-SU-2024:2973-1 Security update for the Linux Kernel | почти 2 года назад |
Уязвимостей на страницу