CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47276 – ftrace: Do not blindly read the ip address in ftrace_bug()
https://notcve.org/view.php?id=CVE-2021-47276
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not -EFAULT, as the bug caused more than one error to occur. But because -EINVAL was returned, the ftrace_bug() tried to report what was at the location of the ip address, and read it directly. This caused the machine t... • https://git.kernel.org/stable/c/05736a427f7e16be948ccbf39782bd3a6ae16b14 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47275 – bcache: avoid oversized read request in cache missing code path
https://notcve.org/view.php?id=CVE-2021-47275
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cached_dev_cache_miss() will be called in cache_lookup_fn() in the following code block, [code block 1] 526 unsigned int sectors = KEY_INODE(k) == s->iop.inode 527 ? min_t(uint64_t, INT_MAX, 528 KEY_START(k) - bio->bi_iter.bi_sector) 529 : ... • https://git.kernel.org/stable/c/555002a840ab88468e252b0eedf0b05e2ce7099c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47269 – usb: dwc3: ep0: fix NULL pointer exception
https://notcve.org/view.php?id=CVE-2021-47269
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3_wIndex_to_dep() and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer eps and the index might wrongly indicate a larger ep index than existing. By adding this validation from the patch we can actually report a wrong index back to the caller. In our usecase we are using a composite ... • https://git.kernel.org/stable/c/96b74a99d360235c24052f1d060e64ac53f43528 •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47258 – scsi: core: Fix error handling of scsi_host_alloc()
https://notcve.org/view.php?id=CVE-2021-47258
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsi_host_alloc() After device is initialized via device_initialize(), or its name is set via dev_set_name(), the device has to be freed via put_device(). Otherwise device name will be leaked because it is allocated dynamically in dev_set_name(). Fix the leak by replacing kfree() with put_device(). Since scsi_host_dev_release() properly handles IDA and kthread removal, remove special-casing these from the e... • https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47257 – net: ieee802154: fix null deref in parse dev addr
https://notcve.org/view.php?id=CVE-2021-47257
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr type. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: ieee802154: corrige el deref null en analizar dev addr. Se corrige un error lógico que podría resultar en un deref null si el usuario configura el modo incorrectamente para el tipo de dirección dado. In the Lin... • https://git.kernel.org/stable/c/1f95741981c899c4724647291fec5faa3c777185 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47253 – drm/amd/display: Fix potential memory leak in DMUB hw_init
https://notcve.org/view.php?id=CVE-2021-47253
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential memory leak in DMUB hw_init [Why] On resume we perform DMUB hw_init which allocates memory: dm_resume->dm_dmub_hw_init->dc_dmub_srv_create->kzalloc That results in memory leak in suspend/resume scenarios. [How] Allocate memory for the DC wrapper to DMUB only if it was not allocated before. No need to reallocate it on suspend/resume. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/dis... • https://git.kernel.org/stable/c/9e8c2af010463197315fa54a6c17e74988b5259c •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47250 – net: ipv4: fix memory leak in netlbl_cipsov4_add_std
https://notcve.org/view.php?id=CVE-2021-47250
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00... • https://git.kernel.org/stable/c/96cb8e3313c7a12e026c1ed510522ae6f6023875 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47249 – net: rds: fix memory leak in rds_recvmsg
https://notcve.org/view.php?id=CVE-2021-47249
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rds_recvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rds_recvmsg(struct socket *sock, struct msghdr *msg, size_t size, int msg_flags) { ... if (!rds_next_incoming(rs, &inc)) { ... } After this "if" inc refcount incremented and if (rds_cmsg_recv(inc, msg, rs)) { ret = -EFAULT; goto out; } ... out: return ret; } in case of rds_cmsg_recv() fail the refcount won'... • https://git.kernel.org/stable/c/bdbe6fbc6a2f2ccfb384b141b257677d2a8d36fb •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47237 – net: hamradio: fix memory leak in mkiss_close
https://notcve.org/view.php?id=CVE-2021-47237
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and then registered, but in mkiss_close() netdevice was only unregistered, but not freed. Fail log: BUG: memory leak unreferenced object 0xffff8880281ba000 (size 4096): comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.660s) hex... • https://git.kernel.org/stable/c/815f62bf742718458ba822a7e1f51f285eb997f2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47236 – net: cdc_eem: fix tx fixup skb leak
https://notcve.org/view.php?id=CVE-2021-47236
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: cdc_eem: corrige la fuga de skb de reparación de tx cu... • https://git.kernel.org/stable/c/9f722c0978b04acba209f8ca1896ad05814bc3a3 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •