CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-36784 – i2c: cadence: fix reference leak when pm_runtime_get_sync fails
https://notcve.org/view.php?id=CVE-2020-36784
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_sync will increment pm usage counter even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. En el kernel de Linux, se resolvió la sig... • https://git.kernel.org/stable/c/7fa32329ca03148fb2c07b4ef3247b8fc0488d6a •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36783 – i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
https://notcve.org/view.php?id=CVE-2020-36783
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions img_i2c_xfer and img_i2c_init. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. En el kernel de Linux, se resolvió la siguien... • https://git.kernel.org/stable/c/93222bd9b966105f43418fd336654ad10045783a •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36782 – i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
https://notcve.org/view.php?id=CVE-2020-36782
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. En el kernel de Linux, se resolvió la siguiente vulnerabili... • https://git.kernel.org/stable/c/13d6eb20fc79a1e606307256dad4098375539a09 •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-36780 – i2c: sprd: fix reference leak when pm_runtime_get_sync fails
https://notcve.org/view.php?id=CVE-2020-36780
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in sprd_i2c_master_xfer() and sprd_i2c_remove(). However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. En el kernel de Linux, se resolvió la sigui... • https://git.kernel.org/stable/c/8b9ec0719834fe66146d138d62ed66cef025c864 •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-46974 – bpf: Fix masking negation logic upon negative dst register
https://notcve.org/view.php?id=CVE-2021-46974
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix, perform the final bitwise and-op unconditionally into AX from the off_reg, then move the pointer from the src to dst and finally use AX as the source for the original pointer arithmetic operation such that the inve... • https://git.kernel.org/stable/c/ae03b6b1c880a03d4771257336dc3bca156dd51b •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2021-46966 – ACPI: custom_method: fix potential use-after-free issue
https://notcve.org/view.php?id=CVE-2021-46966
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function. If the requested count is less than table.length, the allocated buffer will be freed but subsequent calls to cm_write() will still try to access it. Remove the unconditional kfree(buf) at the end of the function and set the buf to NULL in the -EINVAL error path to match the rest of function. En el kernel de Linux... • https://git.kernel.org/stable/c/4bda2b79a9d04c8ba31681c66e95877dbb433416 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46963 – scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
https://notcve.org/view.php?id=CVE-2021-46963
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_directly+0x128/0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now allocated by upper layers. This fixes smatch warning of srb unintended free. En el kernel de Linux, se ha resuelto la si... • https://git.kernel.org/stable/c/64a8c5018a4b21b04a756a56c495ef47c14e92d9 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46960 – cifs: Return correct error code from smb2_get_enc_key
https://notcve.org/view.php?id=CVE-2021-46960
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947] ------------[ cut here ]------------ [440700.386948] err = 1 [440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70 ... [440700.397304] CPU: 11 PID: 2733 Comm... • https://git.kernel.org/stable/c/61cfac6f267dabcf2740a7ec8a0295833b28b5f5 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-46955 – openvswitch: fix stack OOB read while fragmenting IPv4 packets
https://notcve.org/view.php?id=CVE-2021-46955
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60 Read of size 1 at addr ffff888112fc713c by task handler2/1367 CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418 Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+40... • https://git.kernel.org/stable/c/119bbaa6795a4f4aed46994cc7d9ab01989c87e3 •
CVSS: 6.7EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46953 – ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure
https://notcve.org/view.php?id=CVE-2021-46953
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure When failing the driver probe because of invalid firmware properties, the GTDT driver unmaps the interrupt that it mapped earlier. However, it never checks whether the mapping of the interrupt actially succeeded. Even more, should the firmware report an illegal interrupt number that overlaps with the GIC SGI range, this can result in an IPI being unmapped, and subsequent... • https://git.kernel.org/stable/c/ca9ae5ec4ef0ed13833b03297ab319676965492c •