CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47442 – NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
https://notcve.org/view.php?id=CVE-2021-47442
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 'skb' is allocated in digital_in_send_sdd_req(), but not free when digital_in_send_cmd() failed, which will cause memory leak. Fix it by freeing 'skb' if digital_in_send_cmd() return failed. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFC: digital: corrige una posible pérdida de memoria en digital_in_send_sdd_req() 'skb' está asignado en digital_in_sen... • https://git.kernel.org/stable/c/2c66daecc4092e6049673c281b2e6f0d5e59a94c •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47441 – mlxsw: thermal: Fix out-of-bounds memory accesses
https://notcve.org/view.php?id=CVE-2021-47441
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat /sys/class/thermal/thermal_zone2/cdev0/max_state 10 # echo 18 > /sys/class/thermal/thermal_zone2/cdev0/cur_state # echo $? 0 This results in out-of-bounds memory accesses when thermal state transition statistics... • https://git.kernel.org/stable/c/a50c1e35650b929500bd89be61c89d95a267ce56 • CWE-787: Out-of-bounds Write •
CVSS: 2.3EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47440 – net: encx24j600: check error in devm_regmap_init_encx24j600
https://notcve.org/view.php?id=CVE-2021-47440
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection fault in encx24j600_spi_probe KASAN: null-ptr-deref in range [0x0000000000000090-0x0000000000000097] CPU: 0 PID: 286 Comm: spi-encx24j600- Not tainted 5.15.0-rc2-00142-g9978db750e31-dirty #11 9c53a778c1306b... • https://git.kernel.org/stable/c/04fbfce7a222327b97ca165294ef19f0faa45960 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47439 – net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work
https://notcve.org/view.php?id=CVE-2021-47439
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work When the ksz module is installed and removed using rmmod, kernel crashes with null pointer dereferrence error. During rmmod, ksz_switch_remove function tries to cancel the mib_read_workqueue using cancel_delayed_work_sync routine and unregister switch from dsa. During dsa_unregister_switch it calls ksz_mac_link_down, which in turn reschedules the workqueue since mi... • https://git.kernel.org/stable/c/469b390e1ba330e888175e55d78573db2e9a8cb4 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47438 – net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
https://notcve.org/view.php?id=CVE-2021-47438
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Instead, complete the destroy flow before return error. Also move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq() to be symmetrical with mlx5_core_create_cq(). kmemleak complains on: unreferenced object 0xc000000038... • https://git.kernel.org/stable/c/e126ba97dba9edeb6fafa3665b5f8497fc9cdf8c •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47437 – iio: adis16475: fix deadlock on frequency set
https://notcve.org/view.php?id=CVE-2021-47437
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560 ("iio: adis16475: improve sync scale mode handling"), two deadlocks were introduced: 1) The call to 'adis_write_reg_16()' was not changed to it's unlocked version. 2) The lock was not being released on the success path of the function. This change fixes both these issues. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adis16475: corrige... • https://git.kernel.org/stable/c/39c024b51b5607e9d2fc6c04c2573e4a778c728d •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47436 – usb: musb: dsps: Fix the probe error path
https://notcve.org/view.php?id=CVE-2021-47436
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 ("usb: musb: musb_dsps: request_irq() after initializing musb") has inverted the calls to dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev() without updating correctly the error path. dsps_create_musb_pdev() allocates and registers a new platform device which must be unregistered and freed with platform_device_unregister(), and this is missing upon dsps_setup_optional_v... • https://git.kernel.org/stable/c/5269937d1483d3159d5b51907346e4f4b13ef079 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47435 – dm: fix mempool NULL pointer race when completing IO
https://notcve.org/view.php?id=CVE-2021-47435
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dm_io_dec_pending() calls end_io_acct() first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to mempool->elements being NULL: task1 task2 do_resume ->do_suspend ->dm_wait_for_completion bio_endio ->clone_endio ->dm_io_dec_pending ... • https://git.kernel.org/stable/c/9fb7cd5c7fef0f1c982e3cd27745a0dec260eaed • CWE-476: NULL Pointer Dereference •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47434 – xhci: Fix command ring pointer corruption while aborting a command
https://notcve.org/view.php?id=CVE-2021-47434
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: xhci: Fix command ring pointer corruption while aborting a command The command ring pointer is located at [6:63] bits of the command ring control register (CRCR). All the control bits like command stop, abort are located at [0:3] bits. While aborting a command, we read the CRCR and set the abort bit and write to the CRCR. The read will always give command ring pointer as all zeros. So we essentially write only the control bits. • https://git.kernel.org/stable/c/22bcb65ea41072ab5d03c0c6290e04e0df6d09a0 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47433 – btrfs: fix abort logic in btrfs_replace_file_extents
https://notcve.org/view.php?id=CVE-2021-47433
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix abort logic in btrfs_replace_file_extents Error injection testing uncovered a case where we'd end up with a corrupt file system with a missing extent in the middle of a file. This occurs because the if statement to decide if we should abort is wrong. The only way we would abort in this case is if we got a ret != -EOPNOTSUPP and we called from the file clone code. However the prealloc code uses this path too. Instead we need... • https://git.kernel.org/stable/c/0e32a2b85c7d92ece86c17dfef390c5ed79c6378 •