what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2024-26607

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: [ 53.271356] sii902x_get_edid+0x34/0x70 [sii902x] [ 53.276066] sii902x_bridge_get_edid+0x14/0x20 [sii902x] [ 53.281381] drm_bridge_get_edid+0x20/0x34 [drm] [ 53.286305] drm_bridge_connector_get_modes+0x8c/0xcc [drm_kms_helper] [ 53.292955] drm_helper_probe_single_connector_modes+0x190/0x538 [drm_kms_helper] [ 53.300510] drm_client_modeset_probe+0x1f0/0xbd4 [drm] [ 53.305958] __drm_fb_helper_initial_config_and_unlock+0x50/0x510 [drm_kms_helper] [ 53.313611] drm_fb_helper_initial_config+0x48/0x58 [drm_kms_helper] [ 53.320039] drm_fbdev_dma_client_hotplug+0x84/0xd4 [drm_dma_helper] [ 53.326401] drm_client_register+0x5c/0xa0 [drm] [ 53.331216] drm_fbdev_dma_setup+0xc8/0x13c [drm_dma_helper] [ 53.336881] tidss_probe+0x128/0x264 [tidss] [ 53.341174] platform_probe+0x68/0xc4 [ 53.344841] really_probe+0x188/0x3c4 [ 53.348501] __driver_probe_device+0x7c/0x16c [ 53.352854] driver_probe_device+0x3c/0x10c [ 53.357033] __device_attach_driver+0xbc/0x158 [ 53.361472] bus_for_each_drv+0x88/0xe8 [ 53.365303] __device_attach+0xa0/0x1b4 [ 53.369135] device_initial_probe+0x14/0x20 [ 53.373314] bus_probe_device+0xb0/0xb4 [ 53.377145] deferred_probe_work_func+0xcc/0x124 [ 53.381757] process_one_work+0x1f0/0x518 [ 53.385770] worker_thread+0x1e8/0x3dc [ 53.389519] kthread+0x11c/0x120 [ 53.392750] ret_from_fork+0x10/0x20 The issue here is as follows: - tidss probes, but is deferred as sii902x is still missing. - sii902x starts probing and enters sii902x_init(). - sii902x calls drm_bridge_add(). Now the sii902x bridge is ready from DRM's perspective. - sii902x calls sii902x_audio_codec_init() and platform_device_register_data() - The registration of the audio platform device causes probing of the deferred devices. - tidss probes, which eventually causes sii902x_bridge_get_edid() to be called. - sii902x_bridge_get_edid() tries to use the i2c to read the edid. However, the sii902x driver has not set up the i2c part yet, leading to the crash. Fix this by moving the drm_bridge_add() to the end of the sii902x_init(), which is also at the very end of sii902x_probe().

Related Files

Ubuntu Security Notice USN-7119-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47188, CVE-2022-36402, CVE-2022-48863, CVE-2023-52531, CVE-2023-52614, CVE-2023-52918, CVE-2024-26607, CVE-2024-26640, CVE-2024-26641, CVE-2024-26668, CVE-2024-26669, CVE-2024-26677, CVE-2024-26885, CVE-2024-26960
SHA-256 | 0ac8232eca124498c64e1f39ff4a55d32797211ade5b92cbb09450e9c8fd78da
Ubuntu Security Notice USN-7100-2
Posted Nov 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7100-2 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, arbitrary, x86, kernel
systems | linux, ubuntu
advisories | CVE-2022-48666, CVE-2024-25744, CVE-2024-26607, CVE-2024-26669, CVE-2024-26893, CVE-2024-36484, CVE-2024-38577, CVE-2024-38602, CVE-2024-38611, CVE-2024-39472, CVE-2024-40915, CVE-2024-41011, CVE-2024-41012, CVE-2024-41017
SHA-256 | 163422edaa457d7b18dd68f3c52d86764e74e2b0d95f740cb2caa422b41f81a3
Ubuntu Security Notice USN-7100-1
Posted Nov 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7100-1 - Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, arbitrary, x86, kernel
systems | linux, ubuntu
advisories | CVE-2022-48666, CVE-2024-25744, CVE-2024-26607, CVE-2024-26800, CVE-2024-26893, CVE-2024-36484, CVE-2024-38577, CVE-2024-38602, CVE-2024-38611, CVE-2024-39472, CVE-2024-40915, CVE-2024-41012, CVE-2024-41015, CVE-2024-41020
SHA-256 | 149202c681713c94c011a6f610cf658675b27f1348643a377029ea858ada57be
Ubuntu Security Notice USN-7088-2
Posted Nov 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-2 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47212, CVE-2022-36402, CVE-2023-52614, CVE-2023-52918, CVE-2024-26607, CVE-2024-26641, CVE-2024-26668, CVE-2024-26891, CVE-2024-36484, CVE-2024-38602, CVE-2024-38611, CVE-2024-41012, CVE-2024-41017, CVE-2024-41020
SHA-256 | 313e20a45455cc6eb16fd12695e979b334e4b0d1bcb777bf49b1e6a869f75909
Ubuntu Security Notice USN-7088-1
Posted Nov 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47212, CVE-2022-36402, CVE-2023-52918, CVE-2024-26607, CVE-2024-26641, CVE-2024-26668, CVE-2024-26669, CVE-2024-26891, CVE-2024-27051, CVE-2024-36484, CVE-2024-38602, CVE-2024-41012, CVE-2024-41015, CVE-2024-41017
SHA-256 | 45049820bd4e0d7ebd34214af28ac0de01bc1555af2b52dcd9fceee216485cbb
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close