CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46920 – dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
https://notcve.org/view.php?id=CVE-2021-46920
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback Current code blindly writes over the SWERR and the OVERFLOW bits. Write back the bits actually read instead so the driver avoids clobbering the OVERFLOW bit that comes after the register is read. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: idxd: corrige el problema del bit de desbordamiento SWERR en la reescritura El código actual escribe ci... • https://git.kernel.org/stable/c/bfe1d56091c1a404b3d4ce7e9809d745fc4453bb •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46919 – dmaengine: idxd: fix wq size store permission state
https://notcve.org/view.php?id=CVE-2021-46919
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq size store permission state WQ size can only be changed when the device is disabled. Current code allows change when device is enabled but wq is disabled. Change the check to detect device state. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: idxd: corregir el tamaño de wq estado del permiso de almacenamiento El tamaño de WQ solo se puede cambiar cuando el dispositivo está deshabilitado... • https://git.kernel.org/stable/c/c52ca478233c172b2d322b5241d6279a8661cbba •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-46917 – dmaengine: idxd: fix wq cleanup of WQCFG registers
https://notcve.org/view.php?id=CVE-2021-46917
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. Use wq reset command instead of blasting the MMIO region. This also address an issue where we clobber registers in future devices. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: dmaengine: idxd: corrige la limpieza de wq de los registros WQCFG. Se filtró en ... • https://git.kernel.org/stable/c/da32b28c95a79e399e18c03f8178f41aec9c66e4 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-46915 – netfilter: nft_limit: avoid possible divide error in nft_limit_init
https://notcve.org/view.php?id=CVE-2021-46915
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: avoid possible divide error in nft_limit_init div_u64() divides u64 by u32. nft_limit_init() wants to divide u64 by u64, use the appropriate math function (div64_u64) divide error: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 8390 Comm: syz-executor188 Not tainted 5.12.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:div_u64_rem include/linux/math64.h:28 ... • https://git.kernel.org/stable/c/c26844eda9d4fdbd266660e3b3de2d0270e3a1ed • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46914 – ixgbe: fix unbalanced device enable/disable in suspend/resume
https://notcve.org/view.php?id=CVE-2021-46914
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix unbalanced device enable/disable in suspend/resume pci_disable_device() called in __ixgbe_shutdown() decreases dev->enable_cnt by 1. pci_enable_device_mem() which increases dev->enable_cnt by 1, was removed from ixgbe_resume() in commit 6f82b2558735 ("ixgbe: use generic power management"). This caused unbalanced increase/decrease. So add pci_enable_device_mem() back. Fix the following call trace. ixgbe 0000:17:00.1: disabling alr... • https://git.kernel.org/stable/c/6f82b25587354ce7c9c42e0b53d8b0770b900847 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46913 – netfilter: nftables: clone set element expression template
https://notcve.org/view.php?id=CVE-2021-46913
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy() breaks when using connlimit in set elements. Use nft_expr_clone() to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walking on the list head copy. [ 493.064656] Workqueue: events_power_efficient nft_rhash_gc [nf_tables] [ 493.064685] RIP: 0010:find_or_evict+0x5a/0x90 [nf_conncount] [ 493.064694] Code: 2b 43 40 83 f8 01 77 0d 48 ... • https://git.kernel.org/stable/c/4094445229760d0d31a4190dfe88fe815c9fc34e •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46912 – net: Make tcp_allowed_congestion_control readonly in non-init netns
https://notcve.org/view.php?id=CVE-2021-46912
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: net: Make tcp_allowed_congestion_control readonly in non-init netns Currently, tcp_allowed_congestion_control is global and writable; writing to it in any net namespace will leak into all other net namespaces. tcp_available_congestion_control and tcp_allowed_congestion_control are the only sysctls in ipv4_net_table (the per-netns sysctl table) with a NULL data pointer; their handlers (proc_tcp_available_congestion_control and proc_allowed_c... • https://git.kernel.org/stable/c/9cb8e048e5d93825ec5e8dfb5b8df4987ea25745 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46911 – ch_ktls: Fix kernel panic
https://notcve.org/view.php?id=CVE-2021-46911
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ch_ktls: Fix kernel panic Taking page refcount is not ideal and causes kernel panic sometimes. It's better to take tx_ctx lock for the complete skb transmit, to avoid page cleanup if ACK received in middle. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ch_ktls: soluciona el pánico del kernel. Realizar un recuento de páginas no es ideal y a veces provoca pánico en el kernel. Es mejor utilizar el bloqueo tx_ctx para la tr... • https://git.kernel.org/stable/c/5a4b9fe7fece62ecab6fb28fe92362f83b41c33e •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-46909 – ARM: footbridge: fix PCI interrupt mapping
https://notcve.org/view.php?id=CVE-2021-46909
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these are marked as __init, this causes an oops if a PCI driver is loaded or bound after the kernel has initialised. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ARM: footbridge: corrige el mapeo de interru... • https://git.kernel.org/stable/c/30fdfb929e82450bbf3d0e0aba56efbc29b52b52 • CWE-391: Unchecked Error Condition CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46908 – bpf: Use correct permission flag for mixed signed bounds arithmetic
https://notcve.org/view.php?id=CVE-2021-46908
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypass_spec_v1 flag instead of allow_ptr_leaks. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bpf: use el indicador de permiso correcto para aritmética de los límites con signo mixto Prohibimos agregar escalares desconocidos con límites... • https://git.kernel.org/stable/c/2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366 •