CVE-2021-28951
https://notcve.org/view.php?id=CVE-2021-28951
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. Se detectó un problema en el archivo fs/io_uring.c en el kernel de Linux versiones hasta 5.11.8. Permite a atacantes causar una denegación de servicio (deadlock) porque la salida puede estar esperando para estacionar un hilo SQPOLL, pero al mismo tiempo ese hilo SQPOLL está esperando una señal para comenzar, también se conoce como CID-3ebba796fa25 • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3ebba796fa251d042be42b929a2d916ee5c34a49 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG https://security.netapp.com/advisory/ntap-20210430-0003 • CWE-667: Improper Locking •
CVE-2021-28660
https://notcve.org/view.php?id=CVE-2021-28660
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. La función rtw_wx_set_scan en el archivo drivers/staging/rtl8188eu/os_dep/ioctl_linux.c en el kernel de Linux versiones hasta 5.11.6, permite escribir más allá del final de la matriz -)ssid[]. NOTA: desde la perspectiva de las versiones de kernel.org, las ID de CVE no se usan normalmente para drivers/staging/* (trabajo sin terminar); sin embargo, los integradores de sistemas pueden tener situaciones en las que un problema de drivers/staging sea relevante para su propia base de clientes • http://www.openwall.com/lists/oss-security/2022/11/18/1 http://www.openwall.com/lists/oss-security/2022/11/21/2 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7 https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX https:/ • CWE-787: Out-of-bounds Write •
CVE-2021-28375
https://notcve.org/view.php?id=CVE-2021-28375
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. Se detectó un problema en el kernel de Linux versiones hasta 5.11.6. La función fastrpc_internal_invoke en el archivo drivers/misc/fastrpc.c no evita a unas aplicaciones de usuario enviar mensajes RPC del kernel, también se conoce como CID-20c40794eb85. Este es un problema relacionado con el CVE-2019-2308 • https://git.kernel.org/linus/20c40794eb85ea29852d7bc37c55713802a543d6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OMRQVOTASD3VZP6GE4JJHE27QU6FHTZ6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XAUNYDTGE6MB4NWL2SIHPCODCLET3JZB https://lore.kernel.org/stable/YD03ew7+6v0XPh6l%40kroah.com https://security.netapp.com/advisory/ntap-20210401-0003 • CWE-862: Missing Authorization •
CVE-2021-27363 – kernel: iscsi: unrestricted access to sessions and handles
https://notcve.org/view.php?id=CVE-2021-27363
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. • http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html http://www.openwall.com/lists/oss-security/2021/03/06/1 https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html https://bugzilla.suse.com/show_bug.cgi?id=1182716 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-28041
https://notcve.org/view.php?id=CVE-2021-28041
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. ssh-agent en OpenSSH versiones anteriores a 8.5, presenta una doble liberación que puede ser relevante en algunos escenarios menos comunes, como el acceso sin restricciones al socket del agente en un sistema operativo heredado o el reenvío de un agente a un host controlado por el atacante • https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQWGII3LQR4AOTPPFXGMTYE7UDEWIUKI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXST2CML2MWY3PNVUXX7FFJE3ATJMNVZ https://security.gentoo.org/glsa/202105-35 https://security.netapp.com/advisory/ntap-20210416-0002 https://www.openssh.com/security.html https://www.openssh.com/txt/release-8.5 https://www • CWE-415: Double Free •