CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47617 – PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
https://notcve.org/view.php?id=CVE-2021-47617
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot power. Per PCIe r5.0, sec. 6.7.1.8: If a power controller detects a main power fault on the hot-plug slot, it must automatically set its internal main power fault latch [...]. The main power fault latch is cleared when... • https://git.kernel.org/stable/c/a8cc52270f3d8e8f4faf01ffd6c4a95bbfb55ba4 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-38620 – Bluetooth: HCI: Remove HCI_AMP support
https://notcve.org/view.php?id=CVE-2024-38620
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Remove HCI_AMP support Since BT_HS has been remove HCI_AMP controllers no longer has any use so remove it along with the capability of creating AMP controllers. Since we no longer need to differentiate between AMP and Primary controllers, as only HCI_PRIMARY is left, this also remove hdev->dev_type altogether. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: HCI: eliminar la compatibilidad con HCI_A... • https://git.kernel.org/stable/c/244bc377591c3882f454882357bc730c90cbedb5 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38619 – usb-storage: alauda: Check whether the media is initialized
https://notcve.org/view.php?id=CVE-2024-38619
20 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized The member "uzonesize" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba(). - Add a member "media_initialized" to struct alauda_info. - Change a condition in alauda_check_media() to ensure the first initialization. - Add an error check for the return value of alauda_init_media(). En el kern... • https://git.kernel.org/stable/c/e80b0fade09ef1ee67b0898d480d4c588f124d5f • CWE-457: Use of Uninitialized Variable •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47612 – nfc: fix segfault in nfc_genl_dump_devices_done
https://notcve.org/view.php?id=CVE-2021-47612
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014 Workqueue: events netlink_sock_destruct_work RIP: 0010:k... • https://git.kernel.org/stable/c/ea55b3797878752aa076b118afb727dcf79cac34 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47611 – mac80211: validate extended element ID is present
https://notcve.org/view.php?id=CVE-2021-47611
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mac80211: validar que el ID del elemento extendido esté presente Antes de intentar analizar un elemento extendido, verifique que el ID del elemento extendido esté presente. In the Linux kernel, the following vulnerability has been res... • https://git.kernel.org/stable/c/41cbb0f5a29592874355e4159489eb08337cd50e •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47610 – drm/msm: Fix null ptr access msm_ioctl_gem_submit()
https://notcve.org/view.php?id=CVE-2021-47610
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null ptr access msm_ioctl_gem_submit() Fix the below null pointer dereference in msm_ioctl_gem_submit(): 26545.260705: Call trace: 26545.263223: kref_put+0x1c/0x60 26545.266452: msm_ioctl_gem_submit+0x254/0x744 26545.270937: drm_ioctl_kernel+0xa8/0x124 26545.274976: drm_ioctl+0x21c/0x33c 26545.278478: drm_compat_ioctl+0xdc/0xf0 26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100 26545.287169: el0_svc_common+0xf8/0x250 26545.29102... • https://git.kernel.org/stable/c/f6db3d98f876870c35e96693cfd54752f6199e59 •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47609 – firmware: arm_scpi: Fix string overflow in SCPI genpd driver
https://notcve.org/view.php?id=CVE-2021-47609
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name string is set at maximum size of 30. Let us fix it by using devm_kasprintf so that the string buffer is allocated dynamically. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scpi: ... • https://git.kernel.org/stable/c/8bec4337ad4023b26de35d3b0c3a3b2735ffc5c7 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47606 – net: netlink: af_netlink: Prevent empty skb by adding a check on len.
https://notcve.org/view.php?id=CVE-2021-47606
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in the randomized corruption step as shown below. skb->data[prandom_u32() % skb_headlen(skb)] ^= 1<<(prandom_u32() % 8); Crash Report: [ 343.170349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port... • https://git.kernel.org/stable/c/c54a60c8fbaa774f828e26df79f66229a8a0e010 • CWE-369: Divide By Zero •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47603 – audit: improve robustness of the audit queue handling
https://notcve.org/view.php?id=CVE-2021-47603
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the userspace audit daemon. With the kernel thread blocked it is possible that the audit queue could grow unbounded as certain audit record generating events must be exempt from the queue limits else the system enter a deadlock state. This patc... • https://git.kernel.org/stable/c/5b52330bbfe63b3305765354d6046c9f7f89c011 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47602 – mac80211: track only QoS data frames for admission control
https://notcve.org/view.php?id=CVE-2021-47602
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot reported (see below) an uninitialized value here due to a status of a non-QoS nullfunc packet, which isn't even long enough to contain the QoS header. Fix this to only do anything for QoS data packets. En el kernel de Linux, se resolvió la ... • https://git.kernel.org/stable/c/02219b3abca59fca81711bfe7ee78df7abad97ce •