CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48709 – ice: switch: fix potential memleak in ice_add_adv_recipe()
https://notcve.org/view.php?id=CVE-2022-48709
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ice: switch: fix potential memleak in ice_add_adv_recipe() When ice_add_special_words() fails, the 'rm' is not released, which will lead to a memory leak. Fix this up by going to 'err_unroll' label. Compile tested only. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: switch: soluciona una posible fuga de memoria en ice_add_adv_recipe(). Cuando ice_add_special_words() falla, el 'rm' no se libera, lo que provocará una ... • https://git.kernel.org/stable/c/8b032a55c1bd5d47527263445aba9dc45144b00d •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2022-48708 – pinctrl: single: fix potential NULL dereference
https://notcve.org/view.php?id=CVE-2022-48708
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux(). pinmux_generic_get_function() can return NULL and the pointer "function" was dereferenced without checking against NULL. Found by Linux Verification Center (linuxtesting.org) with SVACE. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pinctrl: single: corrige una posible desreferencia NULL. Se agregó la verificación de l... • https://git.kernel.org/stable/c/571aec4df5b72a80f80d1e524da8fbd7ff525c98 •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48707 – cxl/region: Fix null pointer dereference for resetting decoder
https://notcve.org/view.php?id=CVE-2022-48707
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port to have no explicit HDM decoders. Currently the region driver assumes there are none. As such the CXL core creates a special pass through decoder instance without a commit/reset callback. Prior to this patch, the ->reset() callback was called unconditionally when calling cx... • https://git.kernel.org/stable/c/176baefb2eb5d7a3ddebe3ff803db1fce44574b5 •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48706 – vdpa: ifcvf: Do proper cleanup if IFCVF init fails
https://notcve.org/view.php?id=CVE-2022-48706
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvf_mgmt_dev leaks memory if it is not freed before returning. Call is made to correct return statement so memory does not leak. ifcvf_init_hw does not take care of this so it is needed to do it here. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: vdpa: ifcvf: realice una limpieza adecuada si falla el inicio de IFCVF. ifcvf_mgmt_dev pierde memoria si no se libera antes de... • https://git.kernel.org/stable/c/5d2cc32c1c10bd889125d2adc16a6bc3338dcd3e •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47431 – drm/amdgpu: fix gart.bo pin_count leak
https://notcve.org/view.php?id=CVE-2021-47431
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched with correspoding gart_enbale function in SRIOV case. This will lead to gart.bo pin_count leak on driver unload. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amdgpu: corrige la fuga de pin_count de gart.bo gmc_v{9,10}_0_gart_disable() no se llama y coincide con la función gart_enbale correspondiente en el caso SRIOV. Esto provocar... • https://git.kernel.org/stable/c/83d857d6b0967b6709cd38750c3ce2ed8ced1a95 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47430 – x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n
https://notcve.org/view.php?id=CVE-2021-47430
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/entry: Clear X86_FEATURE_SMAP when CONFIG_X86_SMAP=n Commit 3c73b81a9164 ("x86/entry, selftests: Further improve user entry sanity checks") added a warning if AC is set when in the kernel. Commit 662a0221893a3d ("x86/entry: Fix AC assertion") changed the warning to only fire if the CPU supports SMAP. However, the warning can still trigger on a machine that supports SMAP but where it's disabled in the kernel config and when running the s... • https://git.kernel.org/stable/c/3c73b81a9164d0c1b6379d6672d2772a9e95168e •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47429 – powerpc/64s: Fix unrecoverable MCE calling async handler from NMI
https://notcve.org/view.php?id=CVE-2021-47429
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI The machine check handler is not considered NMI on 64s. The early handler is the true NMI handler, and then it schedules the machine_check_exception handler to run when interrupts are enabled. This works fine except the case of an unrecoverable MCE, where the true NMI is taken when MSR[RI] is clear, it can not recover, so it calls machine_check_exception directly so something... • https://git.kernel.org/stable/c/2b43dd7653cca47d297756980846ebbfe8887fa1 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47428 – powerpc/64s: fix program check interrupt emergency stack path
https://notcve.org/view.php?id=CVE-2021-47428
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path Emergency stack path was jumping into a 3: label inside the __GEN_COMMON_BODY macro for the normal path after it had finished, rather than jumping over it. By a small miracle this is the correct place to build up a new interrupt frame with the existing stack pointer, so things basically worked okay with an added weird looking 700 trap frame on top (which had the wrong ->nip so it... • https://git.kernel.org/stable/c/0a882e28468f48ab3d9a36dde0a5723ea29ed1ed • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47427 – scsi: iscsi: Fix iscsi_task use after free
https://notcve.org/view.php?id=CVE-2021-47427
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsi_task use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn") added iscsi_get_conn()/iscsi_put_conn() calls during abort handling but then also changed the handling of the case where we detect an already completed task where we now end up doing a goto to the common put/cleanup code. This results in a iscsi_task use after free, because the common cleanup code will do a put on the iscsi_tas... • https://git.kernel.org/stable/c/d39df158518ccc3bf24ee18082b5e100c8f014aa •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47426 – bpf, s390: Fix potential memory leak about jit_data
https://notcve.org/view.php?id=CVE-2021-47426
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bpf, s390: solucione una posible pérdida de memoria sobre jit_data. Asegúrese de liberar jit_data mediante kfree() en la ruta de error. • https://git.kernel.org/stable/c/1c8f9b91c456f5b47a377a0c8c5d4130fc39433a •