CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47216 – scsi: advansys: Fix kernel pointer leak
https://notcve.org/view.php?id=CVE-2021-47216
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: advansys: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long' and printed with %lx. Change %lx to %p to print the hashed pointer. In the Linux kernel, the following vulnerability has been resolved: scsi: advansys: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long' and printed with %lx. Change %lx to %p to print the hashed pointer. The ... • https://git.kernel.org/stable/c/31491e1ac425edc6b80a670a71ac8d2dfdd78417 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47211 – ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
https://notcve.org/view.php?id=CVE-2021-47211
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null pointer dereference on pointer cs_desc The pointer cs_desc return from snd_usb_find_clock_source could b... • https://git.kernel.org/stable/c/1dc669fed61a4ec4270a89e5fb3535802cc45668 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47207 – ALSA: gus: fix null pointer dereference on pointer block
https://notcve.org/view.php?id=CVE-2021-47207
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a potential null pointer dereference issue. Fix this by adding a null check before dereference. In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a pote... • https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47206 – usb: host: ohci-tmio: check return value after calling platform_get_resource()
https://notcve.org/view.php?id=CVE-2021-47206
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. The SUSE Linux... • https://git.kernel.org/stable/c/78c73414f4f6744e2ea5a07b263a9698aa6f2416 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47203 – scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
https://notcve.org/view.php?id=CVE-2021-47203
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" string is set and a log message output. The job is then added to a completions list for cancellation. Processing of any further jobs from the txq list continues, but since "fail_msg" remains set, jobs are added to the completions list re... • https://git.kernel.org/stable/c/2a9bf3d011303d8da64cd5e0e7fdd95f0c143984 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47194 – cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
https://notcve.org/view.php?id=CVE-2021-47194
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data. For example, this path re-init the sdata->assigned_chanctx_list while it is still an element of assigned_vifs list, and makes that linked list corrupt. En el kerne... • https://git.kernel.org/stable/c/ac800140c20e7ae51117e71289065bedd4930fc2 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47191 – scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
https://notcve.org/view.php?id=CVE-2021-47191
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() The following warning was observed running syzkaller: [ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in; [ 3813.830724] program syz-executor not setting count and/or reply_len properly [ 3813.836956] ================================================================== [ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x... • https://git.kernel.org/stable/c/c65b1445d153a66ca91b00c1f10187e495c17918 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47188 – scsi: ufs: core: Improve SCSI abort handling
https://notcve.org/view.php?id=CVE-2021-47188
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c Call trace: ufshcd_queuecommand+0x468/0x65c scsi_send_eh_cmnd+0x224/0x6a0 scsi_eh_test_devices+0x248/0x418 scsi_eh_ready_devs+0xc34/0xe58 scsi_error_handler+0x204/0x80c kthread+0x150/0x1b4 ret_from_fork+0x10/0x30 That warning is triggered by the following sta... • https://git.kernel.org/stable/c/7a3e97b0dc4bbac2ba7803564ab0057722689921 •
CVSS: 4.6EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47185 – tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
https://notcve.org/view.php?id=CVE-2021-47185
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound flush_to_ldisc Call trace: dump_backtrace+0x0/0x1ec show_stack+0x24/0x30 dump_stack+0xd0/0x128 panic+0x15c/0x374 watchdog_timer_fn+0x2b8/0x304 __run_hrtimer+0x88/0x2c0 __hrtimer_run_queues+0xa4/0x120 hrtimer_interrupt+0xfc/0x270 arch_ti... • https://git.kernel.org/stable/c/81de916f19cf5f1437c0b9ed817364f0f7c81961 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47184 – i40e: Fix NULL ptr dereference on VSI filter sync
https://notcve.org/view.php?id=CVE-2021-47184
10 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40E_VSI_RELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sync filters subtask. Without this patch it is possible to start update the VSI filter list after VSI is removed, that's causing a kernel oops. In the Linux kernel, the following vulnerability has been resolved: i40... • https://git.kernel.org/stable/c/41c445ff0f482bb6e6b72dcee9e598e20575f743 •