CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47521 – can: sja1000: fix use after free in ems_pcmcia_add_card()
https://notcve.org/view.php?id=CVE-2021-47521
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: sja1000: arreglar el use after free en ems_pcmc... • https://git.kernel.org/stable/c/fd734c6f25aea4b2b44b045e489aec67b388577e • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47520 – can: pch_can: pch_can_rx_normal: fix use after free
https://notcve.org/view.php?id=CVE-2021-47520
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb). ... En el ... • https://git.kernel.org/stable/c/b21d18b51b31a24d17f883b678432fbdee3d5675 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47519 – can: m_can: m_can_read_fifo: fix memory leak in error branch
https://notcve.org/view.php?id=CVE-2021-47519
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jump to the out_fail label and returns without calling m_can_receive_skb(). In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function ... • https://git.kernel.org/stable/c/e39381770ec9ca3c51d8b9bd9cc6e01d78ea974a • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47518 – nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
https://notcve.org/view.php?id=CVE-2021-47518
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() should check if received argument is non-NULL, because its allocation could fail earlier in dumpit() (nfc_genl_dump_ses()). In the Linux kernel, the following vulnerability has been resolved: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done The done() netlink callback nfc_genl_dump_ses_done() shou... • https://git.kernel.org/stable/c/ac22ac466a659f1b2e02a2e2ee23fc5c42da2c95 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47517 – ethtool: do not perform operations on net devices being unregistered
https://notcve.org/view.php?id=CVE-2021-47517
24 May 2024 — [1] For example adding Tx queues after unregister ends up in NULL pointer exceptions and UaFs, such as: BUG: KASAN: use-after-free in kobject_get+0x14/0x90 Read of size 1 at addr ffff88801961248c by task ethtool/755 CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014 Call Trace: dump_stack_lvl+0x57/0x72 print_address_description.constprop.0+0x1f/0x140 kasan_report.cold+0x7f/0x11b kobject_get+0x14/0x90 kobject_add_interna... • https://git.kernel.org/stable/c/041b1c5d4a53e97fc9e029ae32469552ca12cb9b •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47516 – nfp: Fix memory leak in nfp_cpp_area_cache_add()
https://notcve.org/view.php?id=CVE-2021-47516
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. ... cache) 807 return -ENOMEM; // #2: missing free 817 return 0; 818 } En el kernel de Linux, se resolvió la siguiente vulnerabilidad: nfp: corrige la pérdida de memoria en nfp_cpp_area_cache_add() En la línea 800 (#1), nfp_cpp_area_alloc() asigna e inicializa una estructura de área CPP. ... c... • https://git.kernel.org/stable/c/4cb584e0ee7df70fd0376aee60cf701855ea8c81 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47515 – seg6: fix the iif in the IPv6 socket control block
https://notcve.org/view.php?id=CVE-2021-47515
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the ip_rcv_core(...) sets the receiving interface index into the IPv4 socket control block (v5.16-rc4, net/ipv4/ip_input.c line 510): IPCB(skb)->iif = skb->skb_iif; If that IPv4 packet is meant to be encapsulated in an outer IPv6+SRH header, the seg6_do_srh_encap(...) performs the required encapsulation. In the Linux kernel, the following vulne... • https://git.kernel.org/stable/c/c630ec8bdadae9d557b1ceb9d6c06e149108a0d4 • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47514 – devlink: fix netns refcount leak in devlink_nl_cmd_reload()
https://notcve.org/view.php?id=CVE-2021-47514
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs... • https://git.kernel.org/stable/c/ccdf07219da6bd1f43c6ddcde4c0e36993c7365a •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47513 – net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering
https://notcve.org/view.php?id=CVE-2021-47513
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak") Addresses-Coverity-ID: 1492899 ("Resource leak") En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: net:dsa:felix: Reparar pérdida de memoria en felix_setup_mmio_filtering Evitar una pérdida de memoria si no hay un puerto de CPU definido. Direccio... • https://git.kernel.org/stable/c/8d5f7954b7c8de54902a8beda141064a7e2e6ee0 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47512 – net/sched: fq_pie: prevent dismantle issue
https://notcve.org/view.php?id=CVE-2021-47512
24 May 2024 — rcu: INFO: rcu_preempt self-detected stall on CPU rcu: 0-....: (4416 ticks this GP) idle=60d/1/0x4000000000000000 softirq=10433/10434 fqs=2579 (t=10501 jiffies g=13085 q=3989) NMI backtrace for cpu 0 CPU: 0 PID: 13 Comm: ksoftirqd/0 Not tainted 5.16.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: