CVE-2021-47325 – iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation
https://notcve.org/view.php?id=CVE-2021-47325
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling paths of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the function forgets to decrease the refcount of "smmu" increased by arm_smmu_rpm_get(), causing a refcount leak. Fix this issue by jumping to "out" label when those error scenarios occur. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iommu/arm-smmu: corrige la fuga de recuento de referencias de arm_smmu_device en la traducción de direcciones. El problema de recuento de referencias ocurre en varias rutas de manejo de excepciones de arm_smmu_iova_to_phys_hard(). Cuando ocurren esos escenarios de error, la función se olvida de disminuir el recuento de "smmu" aumentado en arm_smmu_rpm_get(), lo que provoca una fuga de recuento. • https://git.kernel.org/stable/c/b11220803ad14a2a880cc06d8e01fe2548cc85b0 https://git.kernel.org/stable/c/43d1aaa1965f9b58035196dac49b1e1e6c9c25eb https://git.kernel.org/stable/c/0f0c5ea09139777d90729d408b807021f2ea6492 https://git.kernel.org/stable/c/5f9741a9a91f25c89e04b408cd61e3ab050ce24b https://git.kernel.org/stable/c/7c8f176d6a3fa18aa0f8875da6f7c672ed2a8554 •
CVE-2021-47324 – watchdog: Fix possible use-after-free in wdt_startup()
https://notcve.org/view.php?id=CVE-2021-47324
In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perro guardián: soluciona el posible use after free en wdt_startup(). La ruta de eliminación de este módulo llama a del_timer(). • https://git.kernel.org/stable/c/63a3dc24bd053792f84cb4eef0168b1266202a02 https://git.kernel.org/stable/c/862f2b5a7c38762ac9e369daefbf361a91aca685 https://git.kernel.org/stable/c/0ac50a76cf3cd63db000648b3b19f3f98b8aaa76 https://git.kernel.org/stable/c/dc9403097be52d57a5c9c35efa9be79d166a78af https://git.kernel.org/stable/c/146cc288fb80c662c9c35e7bc58325d1ac0a7875 https://git.kernel.org/stable/c/a397cb4576fc2fc802562418b3a50b8f67d60d31 https://git.kernel.org/stable/c/b4ebf4a4692e84163a69444c70ad515de06e2259 https://git.kernel.org/stable/c/8adbbe6c86bb13e14f8a19e036ae5f4f5 • CWE-416: Use After Free •
CVE-2021-47323 – watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
https://notcve.org/view.php?id=CVE-2021-47323
In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: watchdog: sc520_wdt: corrige posible use after free en wdt_turnoff(). La ruta de eliminación de este módulo llama a del_timer(). • https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4 https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373 https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04 https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566 https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64 • CWE-416: Use After Free •
CVE-2021-47321 – watchdog: Fix possible use-after-free by calling del_timer_sync()
https://notcve.org/view.php?id=CVE-2021-47321
In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: perro guardián: solucione el posible use after free llamando a del_timer_sync(). La ruta de eliminación de este controlador llama a del_timer(). • https://git.kernel.org/stable/c/58606882ad8ec6c39e0f40344b922921ef94ab4d https://git.kernel.org/stable/c/ca96b8ea5e74956071154bdb456778cc3027e79f https://git.kernel.org/stable/c/8bec568d7518b1504a602ed5376bb322e4dbb270 https://git.kernel.org/stable/c/ecd620e0fb1ff7f78fdb593379b2e6938c99707a https://git.kernel.org/stable/c/db222f1477ad5692cd454709b714949807e5d111 https://git.kernel.org/stable/c/66ba9cf929b1c4fabf545bd4c18f6f64e23e46e4 https://git.kernel.org/stable/c/4c05dac488a660fe2925c047ecb119e7afaaeb1e https://git.kernel.org/stable/c/1a053c4d716898a53c2e31c574a70ea0c • CWE-416: Use After Free •
CVE-2021-47320 – nfs: fix acl memory leak of posix_acl_create()
https://notcve.org/view.php?id=CVE-2021-47320
In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posix_acl_create() When looking into another nfs xfstests report, I found acl and default_acl in nfs3_proc_create() and nfs3_proc_mknod() error paths are possibly leaked. Fix them in advance. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: nfs: corrige la pérdida de memoria acl de posix_acl_create(). Al buscar en otro informe de nfs xfstests, encontré que acl y default_acl en nfs3_proc_create() y las rutas de error de nfs3_proc_mknod() posiblemente se hayan filtrado. Arréglelos con anticipación. • https://git.kernel.org/stable/c/013cdf1088d7235da9477a2375654921d9b9ba9f https://git.kernel.org/stable/c/2e3960f276b4574a9bb0dfa31a7497302f6363b2 https://git.kernel.org/stable/c/cef9d9acb7c80ed6bace894b6334557fd493863b https://git.kernel.org/stable/c/8a2b308a54c5ec224fedc753617f99b29ffcd883 https://git.kernel.org/stable/c/0704f617040c397ae73c1f88f3956787ec5d6529 https://git.kernel.org/stable/c/d0b32dc1409f7e65e4fcc34e236462268e69a357 https://git.kernel.org/stable/c/4b515308ab875c7e8ada8e606fe0c64762da5ed4 https://git.kernel.org/stable/c/c8fc86e9df6a6a03f5a8e15a3b7a5c75f •