CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47319 – virtio-blk: Fix memory leak among suspend/resume procedure
https://notcve.org/view.php?id=CVE-2021-47319
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk->vqs should be freed before we call init_vqs() in virtblk_restore(). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: virtio-blk: corrige la pérdida de memoria entre el procedimiento de suspensión/reanudación. El vblk->vqs debe liberarse antes de llamar a init_vqs() en virtblk_restore(). In the Linux kernel, the following vulnerability has been resolved: v... • https://git.kernel.org/stable/c/381bde79d11e596002edfd914e6714291826967a •
CVSS: 3.3EPSS: 0%CPEs: 10EXPL: 0CVE-2021-47315 – memory: fsl_ifc: fix leak of IO mapping on probe failure
https://notcve.org/view.php?id=CVE-2021-47315
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of IO mapping on probe failure On probe error the driver should unmap the IO memory. Smatch reports: drivers/memory/fsl_ifc.c:298 fsl_ifc_ctrl_probe() warn: 'fsl_ifc_ctrl_dev->gregs' not released on lines: 298. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: memoria: fsl_ifc: corrige la fuga de asignación de IO en caso de fallo de la sonda. En caso de error de la sonda, el controlador debe desasigna... • https://git.kernel.org/stable/c/a20cbdeffce247a2b6fb83cd8d22433994068565 •
CVSS: 3.3EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47314 – memory: fsl_ifc: fix leak of private memory on probe failure
https://notcve.org/view.php?id=CVE-2021-47314
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of private memory on probe failure On probe error the driver should free the memory allocated for private structure. Fix this by using resource-managed allocation. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: memoria: fsl_ifc: corrige la pérdida de memoria privada en caso de fallo de la sonda. En caso de error de la sonda, el controlador debe liberar la memoria asignada para la estructura privada... • https://git.kernel.org/stable/c/a20cbdeffce247a2b6fb83cd8d22433994068565 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47310 – net: ti: fix UAF in tlan_remove_one
https://notcve.org/view.php?id=CVE-2021-47310
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: ti: corrige UAF en tlan_remove_one priv son datos privados de netdev y no se pueden usar después de la llamada free_netdev(). Usar priv después de free_ne... • https://git.kernel.org/stable/c/1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47308 – scsi: libfc: Fix array index out of bound exception
https://notcve.org/view.php?id=CVE-2021-47308
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix array index out of bound exception Fix array index out of bound exception in fc_rport_prli_resp(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: libfc: Corregir excepción de índice de matriz fuera de los límites. Corregir excepción de índice de matriz fuera de los límites en fc_rport_prli_resp(). • https://git.kernel.org/stable/c/44651522941c623e20882b3b443f23f77de1ea8b • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47307 – cifs: prevent NULL deref in cifs_compose_mount_options()
https://notcve.org/view.php?id=CVE-2021-47307
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifs_compose_mount_options() The optional @ref parameter might contain an NULL node_name, so prevent dereferencing it in cifs_compose_mount_options(). Addresses-Coverity: 1476408 ("Explicit null dereferenced") En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: evita la eliminación de desreferencias NULL en cifs_compose_mount_options() El parámetro @ref opcional puede contener un nombre de no... • https://git.kernel.org/stable/c/f7d1fa65e74263d11f90ddd33b4d4cd905a93759 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47297 – net: fix uninit-value in caif_seqpkt_sendmsg
https://notcve.org/view.php?id=CVE-2021-47297
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we cann't just judge msg->msg_iter.iov->base directlly. We can use nr_segs to judge msg in caif_seqpkt_sendmsg whether has data buffers. ===================================================== BUG: KMSAN: uninit-value in caif_seqpkt_sendmsg... • https://git.kernel.org/stable/c/bece7b2398d073d11b2e352405a3ecd3a1e39c60 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47295 – net: sched: fix memory leak in tcindex_partial_destroy_work
https://notcve.org/view.php?id=CVE-2021-47295
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). The problem was in non-freed perfect hash in tcindex_partial_destroy_work(). In tcindex_set_parms() new tcindex_data is allocated and some fields from old one are copied to new one, but not the perfect hash. Since tcindex_partial_destroy_work() is the destroy function for old tcindex_data, we need to free perfect hash to avoid mem... • https://git.kernel.org/stable/c/331b72922c5f58d48fd5500acadc91777cc31970 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-47294 – netrom: Decrease sock refcount when sock timers expire
https://notcve.org/view.php?id=CVE-2021-47294
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use sock timer API. It replaces mod_timer() by sk_reset_timer(), and del_timer() by sk_stop_timer(). Function sk_reset_timer() will increase the refcount of sock if it is called on an inactive timer, hence, in case the timer expires, we need to decrease the refcount ourselves in the handler, otherwise, the sock refcoun... • https://git.kernel.org/stable/c/ce29e8a259de767f7210d346ad2b031cb8ab2732 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47289 – ACPI: fix NULL pointer dereference
https://notcve.org/view.php?id=CVE-2021-47289
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. That fails miserably, because that helper inline function is not set up to handle that case. Just make acpi_dev_put() silently accept a NULL pointer, rather than calling down to put_device() with an invalid offset off that NULL pointer. En el kernel de... • https://git.kernel.org/stable/c/38f54217b423c0101d03a00feec6fb8ec608b12e • CWE-476: NULL Pointer Dereference •