CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52621 – bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
https://notcve.org/view.php?id=CVE-2023-52621
26 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program, otherwise the following warning will be reported when a sleepable bpf program manipulates bpf map under interpreter mode (aka bpf_jit_enable=0): WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ......... • https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3 • CWE-413: Improper Resource Locking •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-26644 – btrfs: don't abort filesystem when attempting to snapshot deleted subvolume
https://notcve.org/view.php?id=CVE-2024-26644
26 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted (error -2) WARNING: CPU: 0 PID: 833 at fs/btrfs/transaction.c:1875 create_pending_snapshot+0x1040/0x1190 [btrfs] Modules linked in: pata_acpi btrfs ata_piix libata scsi_mod virtio_net blake2b_generic xor net_failover virtio_rng fa... • https://git.kernel.org/stable/c/2bdf872bcfe629a6202ffd6641615a8ed00e8464 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47180 – NFC: nci: fix memory leak in nci_allocate_device
https://notcve.org/view.php?id=CVE-2021-47180
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev. Fix this by freeing hci_dev in nci_free_device. BUG: memory leak unreferenced object 0xffff888111ea6800 (size 1024): comm "kworker/1:0", pid 19, jiffies 4294942308 (age 13.580s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 60 fd 0c 81 88 ff ff .........`...... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .......... • https://git.kernel.org/stable/c/11f54f228643d0248ec00ce8c9fb8d872f87e7b8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47173 – misc/uss720: fix memory leak in uss720_probe
https://notcve.org/view.php?id=CVE-2021-47173
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) hex dump (first 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 0... • https://git.kernel.org/stable/c/0f36163d3abefbda1b21a330b3fdf3c2dc076d94 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47171 – net: usb: fix memory leak in smsc75xx_bind
https://notcve.org/view.php?id=CVE-2021-47171
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47170 – USB: usbfs: Don't WARN about excessively large memory allocations
https://notcve.org/view.php?id=CVE-2021-47170
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in the kernel; it's merely an invalid request from the user and the usbfs code does handle it correctly. In theory the same thing can happen with async transfers, or with the packet descriptor table for isochronous tr... • https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47169 – serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
https://notcve.org/view.php?id=CVE-2021-47169
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if the firmware don't exists, function just return without initializing ports of 'rp2_card'. But now the interrupt handler function has been registered, and when an interrupt comes, 'rp2_uart_interrupt' may access those ports then causing ... • https://git.kernel.org/stable/c/1e04d5d5fe5e76af68f834e1941fcbfa439653be •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47168 – NFS: fix an incorrect limit in filelayout_decode_layout()
https://notcve.org/view.php?id=CVE-2021-47168
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->data[] buffer. I reversed the size of the arguments to put the variable on the left. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: corrige un límite incorrecto en filelayout_decode_layout() El "sizeof(struct nfs_... • https://git.kernel.org/stable/c/16b374ca439fb406e46e071f75428f5b033056f8 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47167 – NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
https://notcve.org/view.php?id=CVE-2021-47167
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change the test in nfs_pageio_do_add_request() to be more robust by checking whether or not the list is empty rather than relying on the value of pg_count. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFS: corrija una condic... • https://git.kernel.org/stable/c/a7d42ddb3099727f58366fa006f850a219cce6c8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47166 – NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
https://notcve.org/view.php?id=CVE-2021-47166
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFS: no corrompa el valor de pg_bytes_writing en nfs_do_recoalesce() El valor de mirror->pg_bytes_write solo debe actualizarse después de un intento exitoso de eliminar las solic... • https://git.kernel.org/stable/c/a7d42ddb3099727f58366fa006f850a219cce6c8 •