CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-52644 – wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
https://notcve.org/view.php?id=CVE-2023-52644
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is disabled to prevent trying to stop/wake a non-existent queue and failing to stop/wake the actual queue instantiated. Log of issue before change (with kernel parameter qos=0): [ +5.112651] ------------[ cut here ]---------... • https://git.kernel.org/stable/c/e6f5b934fba8c44c87c551e066aa7ca6fde2939e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26851 – netfilter: nf_conntrack_h323: Add protection for bmp length out of range
https://notcve.org/view.php?id=CVE-2024-26851
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux get_bitmap(b=75) + 712
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26840 – cachefiles: fix memory leak in cachefiles_add_cache()
https://notcve.org/view.php?id=CVE-2024-26840
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced object 0xffff9b674176e3c0 (size 192): comm "cachefilesd2", pid 680, jiffies 4294881224 hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .............. • https://git.kernel.org/stable/c/9ae326a69004dea8af2dae4fde58de27db700a8d • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47219 – scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
https://notcve.org/view.php?id=CVE-2021-47219
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831 Read of size 2132 at addr ffff8880aea95dc8 by task syz-executor.0/9815 CPU: 0 PID: 9815 Comm: syz-executor.0 Not tainted 4.19.202-00874-gfc0fe04215a9 #2 Hardware name: ... • https://git.kernel.org/stable/c/5a09e39810ae0465016c380962e12dd115779b87 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47207 – ALSA: gus: fix null pointer dereference on pointer block
https://notcve.org/view.php?id=CVE-2021-47207
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference. In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a pote... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47206 – usb: host: ohci-tmio: check return value after calling platform_get_resource()
https://notcve.org/view.php?id=CVE-2021-47206
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. The SUSE Linux... • https://git.kernel.org/stable/c/78c73414f4f6744e2ea5a07b263a9698aa6f2416 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47203 – scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
https://notcve.org/view.php?id=CVE-2021-47203
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" string is set and a log message output. The job is then added to a completions list for cancellation. Processing of any further jobs from the txq list continues, but since "fail_msg" remains set, jobs are added to the completions list re... • https://git.kernel.org/stable/c/2a9bf3d011303d8da64cd5e0e7fdd95f0c143984 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47191 – scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
https://notcve.org/view.php?id=CVE-2021-47191
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() The following warning was observed running syzkaller: [ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in; [ 3813.830724] program syz-executor not setting count and/or reply_len properly [ 3813.836956] ================================================================== [ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x... • https://git.kernel.org/stable/c/c65b1445d153a66ca91b00c1f10187e495c17918 •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47185 – tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
https://notcve.org/view.php?id=CVE-2021-47185
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound flush_to_ldisc Call trace: dump_backtrace+0x0/0x1ec show_stack+0x24/0x30 dump_stack+0xd0/0x128 panic+0x15c/0x374 watchdog_timer_fn+0x2b8/0x304 __run_hrtimer+0x88/0x2c0 __hrtimer_run_queues+0xa4/0x120 hrtimer_interrupt+0xfc/0x270 arch_ti... • https://git.kernel.org/stable/c/81de916f19cf5f1437c0b9ed817364f0f7c81961 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47183 – scsi: lpfc: Fix link down processing to address NULL pointer dereference
https://notcve.org/view.php?id=CVE-2021-47183
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL pointer dereference. Driver unload requests may hang with repeated "2878" log messages. The Link down processing results in ABTS requests for outstanding ELS requests. The Abort WQEs are sent for the ELSs before the driver had set th... • https://git.kernel.org/stable/c/70f3c073362ef7b5e55c92b83eb2dd9a7fb4e9bf •