CVE-2021-47006 – ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook
https://notcve.org/view.php?id=CVE-2021-47006
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook The commit 1879445dfa7b ("perf/core: Set event's default ::overflow_handler()") set a default event->overflow_handler in perf_event_alloc(), and replace the check event->overflow_handler with is_default_overflow_handler(), but one is missing. Currently, the bp->overflow_handler can not be NULL. As a result, enable_single_step() is always not invoked. Comment... • https://git.kernel.org/stable/c/1879445dfa7bbd6fe21b09c5cc72f4934798afed •
CVE-2021-47005 – PCI: endpoint: Fix NULL pointer dereference for ->get_features()
https://notcve.org/view.php?id=CVE-2021-47005
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for ->get_features() get_features ops of pci_epc_ops may return NULL, causing NULL pointer dereference in pci_epf_test_alloc_space function. Let us add a check for pci_epc_feature pointer in pci_epf_test_bind before we access it to avoid any such NULL pointer dereference and return -ENOTSUPP in case pci_epc_feature is not found. When the patch is not applied and EPC features is not implemented in ... • https://git.kernel.org/stable/c/2c04c5b8eef797dca99699cfb55ff42dd3c12c23 •
CVE-2021-47004 – f2fs: fix to avoid touching checkpointed data in get_victim()
https://notcve.org/view.php?id=CVE-2021-47004
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid touching checkpointed data in get_victim() In CP disabling mode, there are two issues when using LFS or SSR | AT_SSR mode to select victim: 1. LFS is set to find source section during GC, the victim should have no checkpointed data, since after GC, section could not be set free for reuse. Previously, we only check valid chpt blocks in current segment rather than section, fix it. 2. SSR | AT_SSR are set to find target segm... • https://git.kernel.org/stable/c/4354994f097d068a894aa1a0860da54571df3582 •
CVE-2021-47003 – dmaengine: idxd: Fix potential null dereference on pointer status
https://notcve.org/view.php?id=CVE-2021-47003
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxd_cmd_exec that pass a null status pointer however a recent commit has added an assignment to *status that can end up with a null pointer dereference. The function expects a null status pointer sometimes as there is a later assignment to *status where status is first null checked. Fix the issue by null checking status before making the assignment. Addres... • https://git.kernel.org/stable/c/40e3b5c128645d2ddad12310c7be98758cafb2b0 •
CVE-2021-47002 – SUNRPC: Fix null pointer dereference in svc_rqst_free()
https://notcve.org/view.php?id=CVE-2021-47002
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null pointer dereference in svc_rqst_free() When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free(). Fix it by adding a null check. Addresses-Coverity: ("Dereference after null check") En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: SUNRPC: corrige la desreferencia del puntero nulo en svc_rqst_free() Cuando alloc... • https://git.kernel.org/stable/c/79e4e0d489c8e72b9efa388e504a036eec1550c6 •
CVE-2021-47001 – xprtrdma: Fix cwnd update ordering
https://notcve.org/view.php?id=CVE-2021-47001
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Fix cwnd update ordering After a reconnect, the reply handler is opening the cwnd (and thus enabling more RPC Calls to be sent) /before/ rpcrdma_post_recvs() can post enough Receive WRs to receive their replies. This causes an RNR and the new connection is lost immediately. The race is most clearly exposed when KASAN and disconnect injection are enabled. This slows down rpcrdma_rep_create() enough to allow the send side to post a ... • https://git.kernel.org/stable/c/2ae50ad68cd79224198b525f7bd645c9da98b6ff •
CVE-2021-47000 – ceph: fix inode leak on getattr error in __fh_to_dentry
https://notcve.org/view.php?id=CVE-2021-47000
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ceph: corrige la fuga de inodo en el error getattr en __fh_to_dentry • https://git.kernel.org/stable/c/807460787179dee5f74906965eeb5f3ca2353992 •
CVE-2021-46999 – sctp: do asoc update earlier in sctp_sf_do_dupcook_a
https://notcve.org/view.php?id=CVE-2021-46999
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: [] general protection fault, ... 0x29acd70f1000a: 0000 [#1] SMP PTI [] RIP: 0010:sctp_ulpevent_notify_peer_addr_change+0x4b/0x1fa [sctp] [] sctp_assoc_control_transport+0x1b9/0x210 [sctp] [] sctp_do_8_2_transport_strike.isra.16+0x15c/0x220 [sctp] [] sctp_cmd_interpreter.isra.21+0x1231/0x1a10 [sctp] [] sctp_do_sm+0xc... • https://git.kernel.org/stable/c/db8bf823e70f239372c62f13e4eb6f08a1665e8c •
CVE-2021-46998 – ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
https://notcve.org/view.php?id=CVE-2021-46998
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Inside enic_queue_wq_skb, if some error happens, the skb will be freed by dev_kfree_skb(skb). But the freed skb is still used in skb_tx_timestamp(skb). My patch makes enic_queue_wq_skb() return error and goto spin_unlock() incase of error. The solution is provided by Govind. See https://lkml.org/lkml/2021/4/30/961. • https://git.kernel.org/stable/c/fb7516d42478ebc8e2f00efb76ef96f7b68fd8d3 •
CVE-2021-46997 – arm64: entry: always set GIC_PRIO_PSR_I_SET during entry
https://notcve.org/view.php?id=CVE-2021-46997
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry Zenghui reports that booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the entry sequence, we call lockdep_hardirqs_off() to inform lockdep that interrupts have been masked (as the HW sets DAIF wqhen entering an exception). Architecturally PMR_EL1 is not affected by exception entry,... • https://git.kernel.org/stable/c/2a9b3e6ac69a8bf177d8496a11e749e2dc72fa22 •