CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47430 – x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n
https://notcve.org/view.php?id=CVE-2021-47430
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit 662a0221893a3d ("x86/entry: Fix AC assertion") changed the warning to only fire if the CPU supports SMAP. However, the warning can still trigger on a machine that supports SMAP but where it's disabled in the kernel config and when running the s... • https://git.kernel.org/stable/c/3c73b81a9164d0c1b6379d6672d2772a9e95168e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47429 – powerpc/64s: Fix unrecoverable MCE calling async handler from NMI
https://notcve.org/view.php?id=CVE-2021-47429
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machine_check_exception handler to run when interrupts are enabled. This works fine except the case of an unrecoverable MCE, where the true NMI is taken when MSR[RI] is clear, it can not recover, so it calls machine_check_exception directly so something... • https://git.kernel.org/stable/c/2b43dd7653cca47d297756980846ebbfe8887fa1 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47428 – powerpc/64s: fix program check interrupt emergency stack path
https://notcve.org/view.php?id=CVE-2021-47428
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping over it. By a small miracle this is the correct place to build up a new interrupt frame with the existing stack pointer, so things basically worked okay with an added weird looking 700 trap frame on top (which had the wrong ->nip so it... • https://git.kernel.org/stable/c/0a882e28468f48ab3d9a36dde0a5723ea29ed1ed • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47427 – scsi: iscsi: Fix iscsi_task use after free
https://notcve.org/view.php?id=CVE-2021-47427
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsi_task use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn") added iscsi_get_conn()/iscsi_put_conn() calls during abort handling but then also changed the handling of the case where we detect an already completed task where we now end up doing a goto to the common put/cleanup code. This results in a iscsi_task use after free, because the common cleanup code will do a put on the iscsi_tas... • https://git.kernel.org/stable/c/d39df158518ccc3bf24ee18082b5e100c8f014aa •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47426 – bpf, s390: Fix potential memory leak about jit_data
https://notcve.org/view.php?id=CVE-2021-47426
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bpf, s390: solucione una posible pérdida de memoria sobre jit_data. Asegúrese de liberar jit_data mediante kfree() en la ruta de error. • https://git.kernel.org/stable/c/1c8f9b91c456f5b47a377a0c8c5d4130fc39433a •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47425 – i2c: acpi: fix resource leak in reconfiguration device addition
https://notcve.org/view.php?id=CVE-2021-47425
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a reference count leak and render the adapter unremovable. Make sure to put the adapter after creating the client in the same manner that we do for OF. [wsa: fixed title] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: i2c... • https://git.kernel.org/stable/c/525e6fabeae286848592363bda13bc34b59bb5ac •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47424 – i40e: Fix freeing of uninitialized misc IRQ vector
https://notcve.org/view.php?id=CVE-2021-47424
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set up driver was trying to free misc IRQ vectors in i40e_clear_interrupt_scheme and produced a kernel Oops: Trying to free already-free IRQ 266 WARNING: CPU: 0 PID: 5 at kernel/irq/manage.c:1731 __free_irq+0x9a/0x300 Workqueue: events work_for_cpu_fn RIP: 0010:__free_irq+0x9a/0x300 Call Trace: ? synchronize_irq+0x3a/0xa0 free_irq+... • https://git.kernel.org/stable/c/c17401a1dd210a5f22ab1ec7c7366037c158a14c •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47423 – drm/nouveau/debugfs: fix file release memory leak
https://notcve.org/view.php?id=CVE-2021-47423
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/debugfs: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau/debugfs: corrige la pérdida de memoria de liberación de archivos. Cuando se usa single_open() para abrir, se debe llamar a single_release(); de lo contrario, se ejecutará la 'op' a... • https://git.kernel.org/stable/c/6e9fc177399f08446293fec7607913fdbc95e191 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47422 – drm/nouveau/kms/nv50-: fix file release memory leak
https://notcve.org/view.php?id=CVE-2021-47422
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau/kms/nv50-: corrige la pérdida de memoria de liberación de archivos. Cuando se usa single_open() para abrir, se debe llamar a single_release(); de lo contrario, se debe llamar a l... • https://git.kernel.org/stable/c/12885ecbfe62df4358d452080d3b8feef54ec8cb •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47421 – drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume
https://notcve.org/view.php?id=CVE-2021-47421
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle the case of pci_channel_io_frozen only in amdgpu_pci_resume In current code, when a PCI error state pci_channel_io_normal is detectd, it will report PCI_ERS_RESULT_CAN_RECOVER status to PCI driver, and PCI driver will continue the execution of PCI resume callback report_resume by pci_walk_bridge, and the callback will go into amdgpu_pci_resume finally, where write lock is releasd unconditionally without acquiring such loc... • https://git.kernel.org/stable/c/c9a6b82f45e261d247b980a7949aaa6a9bfffe01 •