CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47612 – nfc: fix segfault in nfc_genl_dump_devices_done
https://notcve.org/view.php?id=CVE-2021-47612
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 25 Comm: kworker/0:1 Not tainted 5.16.0-rc4-01180-g2a987e65025e-dirty #5 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-6.fc35 04/01/2014 Workqueue: events netlink_sock_destruct_work RIP: 001... • https://git.kernel.org/stable/c/ea55b3797878752aa076b118afb727dcf79cac34 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47611 – mac80211: validate extended element ID is present
https://notcve.org/view.php?id=CVE-2021-47611
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify that the extended element ID is present. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mac80211: validar que el ID del elemento extendido esté presente Antes de intentar analizar un elemento extendido, verifique que el ID del elemento extendido esté presente. In the Linux kernel, the following vulnerability has been r... • https://git.kernel.org/stable/c/41cbb0f5a29592874355e4159489eb08337cd50e •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47610 – drm/msm: Fix null ptr access msm_ioctl_gem_submit()
https://notcve.org/view.php?id=CVE-2021-47610
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null ptr access msm_ioctl_gem_submit() Fix the below null pointer dereference in msm_ioctl_gem_submit(): 26545.260705: Call trace: 26545.263223: kref_put+0x1c/0x60 26545.266452: msm_ioctl_gem_submit+0x254/0x744 26545.270937: drm_ioctl_kernel+0xa8/0x124 26545.274976: drm_ioctl+0x21c/0x33c 26545.278478: drm_compat_ioctl+0xdc/0xf0 26545.282428: __arm64_compat_sys_ioctl+0xc8/0x100 26545.287169: el0... • https://git.kernel.org/stable/c/f6db3d98f876870c35e96693cfd54752f6199e59 •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47609 – firmware: arm_scpi: Fix string overflow in SCPI genpd driver
https://notcve.org/view.php?id=CVE-2021-47609
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpi_pd->name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name string is set at maximum size of 30. Let us fix it by using devm_kasprintf so that the string buffer is allocated dynamically. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scp... • https://git.kernel.org/stable/c/8bec4337ad4023b26de35d3b0c3a3b2735ffc5c7 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47606 – net: netlink: af_netlink: Prevent empty skb by adding a check on len.
https://notcve.org/view.php?id=CVE-2021-47606
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netem_enqueue function which is caused when skb->len=0 and skb->data_len=0 in the randomized corruption step as shown below. skb->data[prandom_u32() % skb_headlen(skb)] ^= 1<<(prandom_u32() % 8); Crash Report: [ 343.170349] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0... • https://git.kernel.org/stable/c/c54a60c8fbaa774f828e26df79f66229a8a0e010 • CWE-369: Divide By Zero •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47603 – audit: improve robustness of the audit queue handling
https://notcve.org/view.php?id=CVE-2021-47603
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: audit: improve robustness of the audit queue handling If the audit daemon were ever to get stuck in a stopped state the kernel's kauditd_thread() could get blocked attempting to send audit records to the userspace audit daemon. With the kernel thread blocked it is possible that the audit queue could grow unbounded as certain audit record generating events must be exempt from the queue limits else the system enter a deadlock state. This ... • https://git.kernel.org/stable/c/5b52330bbfe63b3305765354d6046c9f7f89c011 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47602 – mac80211: track only QoS data frames for admission control
https://notcve.org/view.php?id=CVE-2021-47602
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works for QoS data frames, otherwise we cannot even access the QoS field in the header. Syzbot reported (see below) an uninitialized value here due to a status of a non-QoS nullfunc packet, which isn't even long enough to contain the QoS header. Fix this to only do anything for QoS data packets. En el kernel de Linux, se resolvió... • https://git.kernel.org/stable/c/02219b3abca59fca81711bfe7ee78df7abad97ce •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47601 – tee: amdtee: fix an IS_ERR() vs NULL bug
https://notcve.org/view.php?id=CVE-2021-47601
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tee: amdtee: corrige un error IS_ERR() vs NULL La función __get_free_pages() no devuelve punteros de error, devuelve NULL, así que corrija esta condición para evitar una desreferencia a NULL. In the Linux... • https://git.kernel.org/stable/c/757cc3e9ff1d72d014096399d6e2bf03974d9da1 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47600 – dm btree remove: fix use after free in rebalance_children()
https://notcve.org/view.php?id=CVE-2021-47600
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dm btree remove: corrige el use after free en rebalance_children() Mueve dm_tm_unlock() después de dm_tm_dec(). In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move dm_tm_unlock() after dm_tm_dec(... • https://git.kernel.org/stable/c/a48f6a2bf33734ec5669ee03067dfb6c5b4818d6 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47599 – btrfs: use latest_dev in btrfs_show_devname
https://notcve.org/view.php?id=CVE-2021-47599
19 Jun 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs] CPU: 2 PID: 1 Comm: systemd Tainted: G W O 5.14.0-rc1-custom #72 Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015 Call trace: btrfs_show_devname+0x108/0x1b4 [btrfs] show_mountinfo+0x234/0x2c4 m_show+0x28/0x34 seq_read_... • https://git.kernel.org/stable/c/e342c2558016ead462f376b6c6c2ac5efc17f3b1 •