CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47432 – lib/generic-radix-tree.c: Don't overflow in peek()
https://notcve.org/view.php?id=CVE-2021-47432
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the radix tree code. Oops. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: lib/generic-radix-tree.c: No se desborda en peek() Cuando comenzamos a distribuir nuevos números de inodos en la mayor parte del ... • https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52747 – IB/hfi1: Restore allocated resources on failed copyout
https://notcve.org/view.php?id=CVE-2023-52747
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occurs. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: IB/hfi1: restaurar los recursos asignados en caso de copia fallida. Reparar una fuga de recursos si se produce un error. • https://git.kernel.org/stable/c/f404ca4c7ea8e650ba09ba87c71c7a89c865d5be •
CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52746 – xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
https://notcve.org/view.php?id=CVE-2023-52746
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() int type = nla_type(nla); if (type > XFRMA_MAX) { return -EOPNOTSUPP; } @type is then used as an array index and can be used as a Spectre v1 gadget. if (nla_len(nla) < compat_policy[type].len) { array_index_nospec() can be used to prevent leaking content of kernel memory to malicious users. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm/compat: ... • https://git.kernel.org/stable/c/5106f4a8acff480e244300bc5097c0ad7048c3a2 •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52745 – IB/IPoIB: Fix legacy IPoIB due to wrong number of queues
https://notcve.org/view.php?id=CVE-2023-52745
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to a crash when traffic is sent over the PKEY interface due to the parent having a single queue but the child having multiple queues. This patch fixes the number of queues to 1 for legacy IPoIB at the earliest possible... • https://git.kernel.org/stable/c/d4bf3fcccd188db9f3310d93472041cdefba97bf •
CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52743 – ice: Do not use WQ_MEM_RECLAIM flag for workqueue
https://notcve.org/view.php?id=CVE-2023-52743
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: Do not use WQ_MEM_RECLAIM flag for workqueue When both ice and the irdma driver are loaded, a warning in check_flush_dependency is being triggered. This is due to ice driver workqueue being allocated with the WQ_MEM_RECLAIM flag and the irdma one is not. According to kernel documentation, this flag should be set if the workqueue will be involved in the kernel's memory reclamation flow. Since it is not, there is no need for the ice driv... • https://git.kernel.org/stable/c/940b61af02f497fcd911b9e2d75c6b8cf76b92fd •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52742 – net: USB: Fix wrong-direction WARNING in plusb.c
https://notcve.org/view.php?id=CVE-2023-52742
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as a read instead of a write. In modern kernels this error provokes a WARNING: usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType c0 WARNING: CPU: 0 PID: 4645 at drivers/usb/core/urb.c:411 usb_submit_urb+0x14a7/0x1880 drivers/usb/core/urb.c:411 Modules linked in: CPU:... • https://git.kernel.org/stable/c/090ffa9d0e904e1ed0f86c84dcf20684a8ac1a5a •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52741 – cifs: Fix use-after-free in rdata->read_into_pages()
https://notcve.org/view.php?id=CVE-2023-52741
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata->read_into_pages() When the network status is unstable, use-after-free may occur when read data from the server. BUG: KASAN: use-after-free in readpages_fill_pages+0x14c/0x7e0 Call Trace:
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-52739 – Fix page corruption caused by racy check in __free_pages
https://notcve.org/view.php?id=CVE-2023-52739
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca page:0000000022261c55 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x1304ca flags: 0x17ffffc0000000() raw: 0017ffffc0000000 ffff8a513ffd4c98 ffffeee24b35ec08 0000000000000000 raw: 0000000000000000 000000000000000... • https://git.kernel.org/stable/c/e320d3012d25b1fb5f3df4edb7bd44a1c362ec10 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52737 – btrfs: lock the inode in shared mode before starting fiemap
https://notcve.org/view.php?id=CVE-2023-52737
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent fsync on the file and fiemap code triggers a fault when accessing the user space buffer with fiemap_fill_next_extent(). The deadlock happens on the inode's i_mmap_lock semaphore, which is taken both by fsync and b... • https://git.kernel.org/stable/c/d8c594da79bc0244e610a70594e824a401802be1 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52736 – ALSA: hda: Do not unset preset when cleaning up codec
https://notcve.org/view.php?id=CVE-2023-52736
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of hda_codec_driver_probe/remove() found in sound/pci/hda/hda_bind.c with their component->probe/remove() instead. One of the reasons for that is the expectation of snd_hda_codec_device_new() to receive a valid pointer to an instance of stru... • https://git.kernel.org/stable/c/7fc4e7191eae9d9325511e03deadfdb2224914f8 •