CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47458 – ocfs2: mount fails with buffer overflow in strlen
https://notcve.org/view.php?id=CVE-2021-47458
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster stack fails with the trace below. ... Call Trace: ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2] ocfs2_fill_super+0x359/0x19b0 [ocfs2] mount_bdev+0x185/0x1b0 legacy_get_tree+0x27/0x40 vfs_get_tree+0x25/0xb0 path_mount+0x454/0xa20 __x64_sys_mount+0x103/0x140 do_s... • https://git.kernel.org/stable/c/ac011cb3ff7a76b3e0e6e77158ee4ba2f929e1fb •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47457 – can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible()
https://notcve.org/view.php?id=CVE-2021-47457
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible() Using wait_event_interruptible() to wait for complete transmission, but do not check the result of wait_event_interruptible() which can be interrupted. In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible() Using wait_event_interruptible() to wait for complete tr... • https://git.kernel.org/stable/c/e057dd3fc20ffb3d7f150af46542a51b59b90127 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47456 – can: peak_pci: peak_pci_remove(): fix UAF
https://notcve.org/view.php?id=CVE-2021-47456
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause UAF. ... peak_pci_remove+0x16f/0x270 [peak_pci] [ 35.967945 ] __asan_report_load8_noabort+0x14/0x20 [ 35.968346 ] peak_pci_remove+0x16f/0x270 [peak_pci] [ 35.968752 ] pci_device_remove+0xa9/0x250 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: pico_pci: pico_pci_remove(): ... • https://git.kernel.org/stable/c/e6d9c80b7ca1504411ad6d7acdb8683e4ae1c9cd • CWE-416: Use After Free CWE-467: Use of sizeof() on a Pointer Type •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47455 – ptp: Fix possible memory leak in ptp_clock_register()
https://notcve.org/view.php?id=CVE-2021-47455
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptp_clock_register() I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 (size 8): comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 (age 13.188s) hex dump (first 8 bytes): 70 74 70 30 00 00 00 00 ptp0.... In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptp_clock_register() I got memory leak... • https://git.kernel.org/stable/c/a33121e5487b424339636b25c35d3a180eaa5f5e •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47454 – powerpc/smp: do not decrement idle task preempt count in CPU offline
https://notcve.org/view.php?id=CVE-2021-47454
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we get: BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0. In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: do not decrement idle task preempt count in CPU offline With PREEMPT_COUNT=y, when a CPU is offlined and then onlined ag... • https://git.kernel.org/stable/c/bdf4d33e8342b90386156204e1da0cdfdb4bf146 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47453 – ice: Avoid crash from unnecessary IDA free
https://notcve.org/view.php?id=CVE-2021-47453
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: Avoid crash from unnecessary IDA free In the remove path, there is an attempt to free the aux_idx IDA whether it was allocated or not. In the Linux kernel, the following vulnerability has been resolved: ice: Avoid crash from unnecessary IDA free In the remove path, there is an attempt to free the aux_idx IDA whether it was allocated or not. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ice: Ev... • https://git.kernel.org/stable/c/d25a0fc41c1f927bb914e72a03c1898052557406 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47452 – netfilter: nf_tables: skip netdev events generated on netns removal
https://notcve.org/view.php?id=CVE-2021-47452
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230 [inline] nf_tables_unregister_hook include/net/netfilter/nf_tables.h:1090 [inline] __nft_release_basechain+0x138/0x640 net/netfilter/nf_tables_api.c:9524 nft_netdev_event net/netfilter/nft_chain_filter.c:351 [i... • https://git.kernel.org/stable/c/767d1216bff82507c945e92fe719dff2083bb2f4 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47451 – netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value
https://notcve.org/view.php?id=CVE-2021-47451
22 May 2024 — lockdep_hardirqs_on+0x79/0x120 __x64_sys_read+0x43/0x50 do_syscall_64+0x3b/0xc0 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f0cdc819142 Code: c0 e9 c2 fe ff ff 50 48 8d 3d 3a ca 0a 00 e8 f5 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24 RSP: 002b:00007fff28eee5b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f0cdc819142 RDX: 0000000000020000 RSI: 00... • https://git.kernel.org/stable/c/68983a354a655c35d3fb204489d383a2a051fda7 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47450 – KVM: arm64: Fix host stage-2 PGD refcount
https://notcve.org/view.php?id=CVE-2021-47450
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: KVM: arm64: corrige el ... • https://git.kernel.org/stable/c/1025c8c0c6accfcbdc8f52ca1940160f65cd87d6 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-47449 – ice: fix locking for Tx timestamp tracking flush
https://notcve.org/view.php?id=CVE-2021-47449
22 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare for device removal. ... _raw_spin_unlock_irqrestore+0x46/0x73 [ 715.696005] pci_device_remove+0xab/0x1d0 [ 715.700018] __device_release_driver+0x35b/0x690 [ 715.704637] driver_detach+0x214/0x2f0 [ 715.708389] b... • https://git.kernel.org/stable/c/46720ac66c21bf85e08823664b7b314b85e43f26 • CWE-129: Improper Validation of Array Index •