Количество 17
Количество 17
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
CVE-2024-38635
In the Linux kernel, the following vulnerability has been resolved: s ...
GHSA-fgg4-8h2g-hcc2
In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset.
BDU:2025-04184
Уязвимость компонента cadence_master.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20250113-05
Множественные уязвимости kernel-lt
ELSA-2024-12585
ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12584
ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT)
ELSA-2024-12581
ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2024:2394-1
Security update for the Linux Kernel
SUSE-SU-2024:2372-1
Security update for the Linux Kernel
SUSE-SU-2024:2571-1
Security update for the Linux Kernel
SUSE-SU-2024:2896-1
Security update for the Linux Kernel
ELSA-2024-9315
ELSA-2024-9315: kernel security update (MODERATE)
SUSE-SU-2024:2939-1
Security update for the Linux Kernel
SUSE-SU-2024:2973-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | 0% Низкий | 12 месяцев назад | |
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | CVSS3: 4.4 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | 0% Низкий | 12 месяцев назад | |
| CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: s ... | 0% Низкий | 12 месяцев назад | |
| GHSA-fgg4-8h2g-hcc2 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. | 0% Низкий | 12 месяцев назад | |
 | BDU:2025-04184 Уязвимость компонента cadence_master.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | ROS-20250113-05 Множественные уязвимости kernel-lt | CVSS3: 9.8 | 5 месяцев назад | |
| ELSA-2024-12585 ELSA-2024-12585: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2024-12584 ELSA-2024-12584: Unbreakable Enterprise kernel-container security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2024-12581 ELSA-2024-12581: Unbreakable Enterprise kernel security update (IMPORTANT) | 10 месяцев назад | ||
 | SUSE-SU-2024:2394-1 Security update for the Linux Kernel | 11 месяцев назад | ||
| SUSE-SU-2024:2372-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| SUSE-SU-2024:2571-1 Security update for the Linux Kernel | 11 месяцев назад | ||
| SUSE-SU-2024:2896-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE) | 7 месяцев назад | ||
| SUSE-SU-2024:2939-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:2973-1 Security update for the Linux Kernel | 10 месяцев назад |
Уязвимостей на страницу