CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47522 – HID: bigbenff: prevent null pointer dereference
https://notcve.org/view.php?id=CVE-2021-47522
In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: bigbenff: evita la desreferencia del puntero nulo Al emular el dispositivo a través de uhid, existe la posibilidad de que no tengamos informes de salida y, por lo tanto, report_field sea nulo. • https://git.kernel.org/stable/c/8e0ceff632f48175ec7fb4706129c55ca8a7c7bd https://git.kernel.org/stable/c/6272b17001e6fdcf7b4a16206287010a1523fa6e https://git.kernel.org/stable/c/58f15f5ae7786c824868f3a7e093859b74669ce7 https://git.kernel.org/stable/c/918aa1ef104d286d16b9e7ef139a463ac7a296f0 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47521 – can: sja1000: fix use after free in ems_pcmcia_add_card()
https://notcve.org/view.php?id=CVE-2021-47521
In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one channel was set up. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: sja1000: arreglar el use after free en ems_pcmcia_add_card() Si el último canal no está disponible entonces se libera "dev". Afortunadamente, podemos usar "pdev->irq" en su lugar. También debemos comprobar si se configuró al menos un canal. • https://git.kernel.org/stable/c/fd734c6f25aea4b2b44b045e489aec67b388577e https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4 https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36 https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288 https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47520 – can: pch_can: pch_can_rx_normal: fix use after free
https://notcve.org/view.php?id=CVE-2021-47520
In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb). Reordering the lines solves the issue. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: pch_can: pch_can_rx_normal: corregir el use after free después de llamar a netif_receive_skb(skb), desreferenciar skb no es seguro. Especialmente, el can_frame cf que alias la memoria skb se desreferencia justo después de la llamada netif_receive_skb(skb). Reordenar las líneas resuelve el problema. • https://git.kernel.org/stable/c/b21d18b51b31a24d17f883b678432fbdee3d5675 https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76 https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3 https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4 https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47519 – can: m_can: m_can_read_fifo: fix memory leak in error branch
https://notcve.org/view.php?id=CVE-2021-47519
In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jump to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak. This patch adds a goto label to destroy the skb if an error occurs. Issue was found with GCC -fanalyzer, please follow the link below for details. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: m_can: m_can_read_fifo: corrige la pérdida de memoria en la rama de error En m_can_read_fifo(), si la segunda llamada a m_can_fifo_read() falla, la función salta a la etiqueta out_fail y regresa sin llamar m_can_receive_skb(). Esto significa que el skb previamente asignado por alloc_can_skb() no se libera. • https://git.kernel.org/stable/c/e39381770ec9ca3c51d8b9bd9cc6e01d78ea974a https://git.kernel.org/stable/c/75a422165477dd12d2d20aa7c9ee7c9a281c9908 https://git.kernel.org/stable/c/31cb32a590d62b18f69a9a6d433f4e69c74fdd56 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47518 – nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
https://notcve.org/view.php?id=CVE-2021-47518
In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in dumpit() (nfc_genl_dump_ses()). En el kernel de Linux, se resolvió la siguiente vulnerabilidad: nfc: corrige la posible deref del puntero NULL en nfc_genl_dump_ses_done La devolución de llamada de netlink done() nfc_genl_dump_ses_done() debe verificar si el argumento recibido no es NULL, porque su asignación podría fallar antes en dumpit() (nfc_genl_dump_ses()). • https://git.kernel.org/stable/c/ac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 https://git.kernel.org/stable/c/87cdb8789c38e44ae5454aafe277997c950d00ed https://git.kernel.org/stable/c/69bb79a8f5bb9f436b6f1434ca9742591b7bbe18 https://git.kernel.org/stable/c/811a7576747760bcaf60502f096d1e6e91d566fa https://git.kernel.org/stable/c/3b861a40325eac9c4c13b6c53874ad90617e944d https://git.kernel.org/stable/c/48fcd08fdbe05e35b650a252ec2a2d96057a1c7a https://git.kernel.org/stable/c/83ea620a1be840bf05089a5061fb8323ca42f38c https://git.kernel.org/stable/c/fae9705d281091254d4a81fa2da9d2234 • CWE-476: NULL Pointer Dereference •