CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47550 – drm/amd/amdgpu: fix potential memleak
https://notcve.org/view.php?id=CVE-2021-47550
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix potential memleak In function amdgpu_get_xgmi_hive, when kobject_init_and_add failed There is a potential memleak if not call kobject_put. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/amdgpu: corrige una posible fuga de mem en la función amdgpu_get_xgmi_hive, cuando falla kobject_init_and_add Hay una posible fuga de mem si no se llama a kobject_put. In the Linux kernel, the following vulnerabil... • https://git.kernel.org/stable/c/c746945fb6bcbe3863c9ea6369c7ef376e38e5eb • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47549 – sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
https://notcve.org/view.php?id=CVE-2021-47549
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl When the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux, a bug is reported: ================================================================== BUG: Unable to handle kernel data access on read at 0x80000800805b502c Oops: Kernel access of bad area, sig: 11 [#1] NIP [c0000000000388a4] .ioread32+0x4/0x20 LR [80000000000c6034] .sata_fsl_port_stop+0x44/0xe0 [sata_fsl] Cal... • https://git.kernel.org/stable/c/faf0b2e5afe7dae072d2715763c7f992b612b628 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47548 – ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
https://notcve.org/view.php?id=CVE-2021-47548
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). However, if the value of port is 6 or 7, an array overflow could occur: port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off; because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6). To fix this possible array overflow, w... • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b • CWE-129: Improper Validation of Array Index •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47547 – net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
https://notcve.org/view.php?id=CVE-2021-47547
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. At this time, the array 'lp->phy[8]' may be out of bound. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: tulip: de4x5: soluciona el problema de que la matriz 'lp->phy[8]' puede estar fuera de límites En la línea 5001, si todos los ID de la... • https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47546 – ipv6: fix memory leak in fib6_rule_suppress
https://notcve.org/view.php?id=CVE-2021-47546
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as wg-quick). In such scenarios, every incoming packet will leak an allocation in `ip6_dst_cache` slab cache. After some hours of `bpftrace`-ing and source code reading, I tracked down the issue to ca7a03c41753 ("ipv6: do n... • https://git.kernel.org/stable/c/ca7a03c4175366a92cee0ccc4fec0038c3266e26 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47544 – tcp: fix page frag corruption on page fault
https://notcve.org/view.php?id=CVE-2021-47544
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. The root cause is quite similar to the one addressed by commit 20eb4f29b602 ("net: fix sk_page_frag() recursion from memory reclaim"). Here the nested access to the task page frag is caused by a page fault on the (mmapped) user-space memory buffe... • https://git.kernel.org/stable/c/5640f7685831e088fe6c2e1f863a6805962f8e81 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47542 – net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()
https://notcve.org/view.php?id=CVE-2021-47542
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() In qlcnic_83xx_add_rings(), the indirect function of ahw->hw_ops->alloc_mbx_args will be called to allocate memory for cmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(), which could lead to a NULL pointer dereference on failure of the indirect function like qlcnic_83xx_alloc_mbx_args(). Fix this bug by adding a check of alloc_mbx_args(), th... • https://git.kernel.org/stable/c/7f9664525f9cb507de9198a395a111371413f230 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47541 – net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
https://notcve.org/view.php?id=CVE-2021-47541
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() In mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and tmp->tx_cq will be freed on the error path of mlx4_en_copy_priv(). After that mlx4_en_alloc_resources() is called and there is a dereference of &tmp->tx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to a use after free problem on failure of mlx4_en_copy_priv(). Fix this bug by adding a check o... • https://git.kernel.org/stable/c/ec25bc04ed8e12947738468cbe2191f1529f9e39 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47540 – mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode
https://notcve.org/view.php?id=CVE-2021-47540
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode Fix the following NULL pointer dereference in mt7915_get_phy_mode routine adding an ibss interface to the mt7915 driver. [ 101.137097] wlan0: Trigger new scan to find an IBSS to join [ 102.827039] wlan0: Creating new IBSS network, BSSID 26:a4:50:1a:6e:69 [ 103.064756] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 103.073670] Mem abort ... • https://git.kernel.org/stable/c/37f4ca907c462d7c8a1ac9e7e3473681b5f893dd • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47539 – rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
https://notcve.org/view.php?id=CVE-2021-47539
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() Need to call rxrpc_put_peer() for bundle candidate before kfree() as it holds a ref to rxrpc_peer. [DH: v2: Changed to abstract out the bundle freeing code into a function] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: rxrpc: corrige la fuga de rxrpc_peer en rxrpc_look_up_bundle() Es necesario llamar a rxrpc_put_peer() para el paquete candidato antes de kfree(), ya que c... • https://git.kernel.org/stable/c/245500d853e9f20036cec7df4f6984ece4c6bf26 •