CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47571 – staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
https://notcve.org/view.php?id=CVE-2021-47571
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: rtl8192e: Corrige el use after free en _rtl92e_pci_disconnect() La función free_rtllib() libera el puntero "dev" para que haya use after free en la siguiente línea. Reorganice las cosas para evitar eso. • https://git.kernel.org/stable/c/66898177e7e5486dc77a4ba742efa4e2e9e900a4 https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443 https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82 https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6 https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64 https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c061 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47570 – staging: r8188eu: fix a memory leak in rtw_wx_read32()
https://notcve.org/view.php?id=CVE-2021-47570
In the Linux kernel, the following vulnerability has been resolved: staging: r8188eu: fix a memory leak in rtw_wx_read32() Free "ptmp" before returning -EINVAL. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: r8188eu: soluciona una pérdida de memoria en rtw_wx_read32() Libera "ptmp" antes de devolver -EINVAL. • https://git.kernel.org/stable/c/2b42bd58b32155a1be4dd78991845dec05aaef9e https://git.kernel.org/stable/c/c8d3775745adacf9784a7a80a82d047051752573 https://git.kernel.org/stable/c/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47569 – io_uring: fail cancellation for EXITING tasks
https://notcve.org/view.php?id=CVE-2021-47569
In the Linux kernel, the following vulnerability has been resolved: io_uring: fail cancellation for EXITING tasks WARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 CPU: 1 PID: 20 Comm: kworker/1:0 Not tainted 5.16.0-rc1-syzkaller #0 Workqueue: events io_fallback_req_func RIP: 0010:io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 Call Trace: <TASK> io_req_task_link_timeout+0x6b/0x1e0 fs/io_uring.c:6886 io_fallback_req_func+0xf9/0x1ae fs/io_uring.c:1334 process_one_work+0x9b2/0x1690 kernel/workqueue.c:2298 worker_thread+0x658/0x11f0 kernel/workqueue.c:2445 kthread+0x405/0x4f0 kernel/kthread.c:327 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 </TASK> We need original task's context to do cancellations, so if it's dying and the callback is executed in a fallback mode, fail the cancellation attempt. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: cancelación fallida para tareas SALIDAS ADVERTENCIA: CPU: 1 PID: 20 en fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 CPU: 1 PID: 20 Comm: kworker/1:0 No contaminado 5.16.0-rc1-syzkaller #0 Cola de trabajo: eventos io_fallback_req_func RIP: 0010:io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269 Seguimiento de llamadas: io_req_task_link_timeout+0x6b /0x1e0 fs/io_uring.c:6886 io_fallback_req_func+0xf9/0x1ae fs/io_uring.c:1334 Process_one_work+0x9b2/0x1690 kernel/workqueue.c:2298 trabajador_thread+0x658/0x11f0 kernel/workqueue.c:2445 kthread+0x405/0 x4f0 kernel/kthread.c:327 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 Necesitamos el contexto de la tarea original para realizar cancelaciones, por lo que si está muriendo y la devolución de llamada se ejecuta en modo alternativo, fallar el intento de cancelación. • https://git.kernel.org/stable/c/89b263f6d56e683ddcf7643140271ef6e36c72b9 https://git.kernel.org/stable/c/3d2a1e68fd9904fdc1b02f2e7d40ca47df7ba39f https://git.kernel.org/stable/c/617a89484debcd4e7999796d693cf0b77d2519de •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47568 – ksmbd: fix memleak in get_file_stream_info()
https://notcve.org/view.php?id=CVE-2021-47568
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memleak in get_file_stream_info() Fix memleak in get_file_stream_info() En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: corrige memleak en get_file_stream_info() Corrige memleak en get_file_stream_info() • https://git.kernel.org/stable/c/34061d6b76a41b1e43c19e1e50d98e5d77f77d4e https://git.kernel.org/stable/c/11e659827c3a2facb3a04e08cc97ff14d5091f51 https://git.kernel.org/stable/c/178ca6f85aa3231094467691f5ea1ff2f398aa8d •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47567 – powerpc/32: Fix hardlockup on vmap stack overflow
https://notcve.org/view.php?id=CVE-2021-47567
In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do not activate MMU before reading task struct") a vmap stack overflow results in a hard lockup. This is because emergency_ctx is still addressed with its virtual address allthough data MMU is not active anymore at that time. Fix it by using a physical address instead. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: powerpc/32: corrige el bloqueo físico en el desbordamiento de la pila de vmap Desde El commit c118c7303ad5 ("powerpc/32: corrige la pila de vmap - No activar MMU antes de leer la estructura de la tarea") un desbordamiento de la pila de vmap resulta en un bloqueo duro. Esto se debe a que Emergency_ctx todavía se aborda con su dirección virtual, aunque la MMU de datos ya no esté activa en ese momento. Solucionarlo utilizando una dirección física en su lugar. • https://git.kernel.org/stable/c/c118c7303ad528be8ff2aea8cd1ee15452c763f0 https://git.kernel.org/stable/c/3b234b4a6651ed6bdca94553aa0038fc7ded9271 https://git.kernel.org/stable/c/dfe906da9a1abebdebe8b15bb3e66a2578f6c4c7 https://git.kernel.org/stable/c/c4e3ff8b8b1d54f0c755670174c453b06e17114b https://git.kernel.org/stable/c/5bb60ea611db1e04814426ed4bd1c95d1487678e •