CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47125 – sch_htb: fix refcount leak in htb_parent_to_leaf_offload
https://notcve.org/view.php?id=CVE-2021-47125
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereference on a null new_q") fixes a NULL pointer dereference bug, but it is not correct. Because htb_graft_helper properly handles the case when new_q is NULL, and after the previous patch by skipping this call which creates an inconsistency : dev_queue->qdisc will still point to the old qdisc, but cl->parent->leaf.q will point ... • https://git.kernel.org/stable/c/ae81feb7338c89cee4e6aa0424bdab2ce2b52da2 •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47124 – io_uring: fix link timeout refs
https://notcve.org/view.php?id=CVE-2021-47124
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: __refcount_sub_and_test include/linux/refcount.h:283 [inline] __refcount_dec_and_test include/linux/refcount.h:315 [inline] refcount_dec_and_test include/linux/refcount.h:333 [inline] io_put_req fs/io_uring.c:2140 [inline] io_que... • https://git.kernel.org/stable/c/1c20e9040f49687ba2ccc2ffd4411351a6c2ebff •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47123 – io_uring: fix ltout double free on completion race
https://notcve.org/view.php?id=CVE-2021-47123
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: fix ltout double free on completion race Always remove linked timeout on io_link_timeout_fn() from the master request link list, otherwise we may get use-after-free when first io_link_timeout_fn() puts linked timeout in the fail path, and then will be found and put on master's free. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: io_uring: corrige la doble liberación de ltout al finalizar la ejecución. Elimina... • https://git.kernel.org/stable/c/90cd7e424969d29aff653333b4dcb4e2e199d791 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47122 – net: caif: fix memory leak in caif_device_notify
https://notcve.org/view.php?id=CVE-2021-47122
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caif_device_notify In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: caif: corrige la pérdida de memoria en caif_device_notify En caso de que falle caif_enroll_dev(), el link_support asignado no se asignará a la estructura correspon... • https://git.kernel.org/stable/c/7c18d2205ea76eef9674e59e1ecae4f332a53e9e •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47121 – net: caif: fix memory leak in cfusbl_device_notify
https://notcve.org/view.php?id=CVE-2021-47121
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbl_device_notify In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: caif: corrige la pérdida de memoria en cfusbl_device_notify En caso de que falle caif_enroll_dev(), el link_support asignado no se asignará a la estructura corr... • https://git.kernel.org/stable/c/7ad65bf68d705b445ef10b77ab50dab22be185ee •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47120 – HID: magicmouse: fix NULL-deref on disconnect
https://notcve.org/view.php?id=CVE-2021-47120
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: fix NULL-deref on disconnect Commit 9d7b18668956 ("HID: magicmouse: add support for Apple Magic Trackpad 2") added a sanity check for an Apple trackpad but returned success instead of -ENODEV when the check failed. This means that the remove callback will dereference the never-initialised driver data pointer when the driver is later unbound (e.g. on USB disconnect). En el kernel de Linux, se resolvió la siguiente vulnerab... • https://git.kernel.org/stable/c/9d7b18668956c411a422d04c712994c5fdb23a4b •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47119 – ext4: fix memory leak in ext4_fill_super
https://notcve.org/view.php?id=CVE-2021-47119
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and subsequently that bh will be leaked. If blocksizes differ, sb_set_blocksize() will kill current buffers and page cache by using kill_bdev(). And then super block will be reread again but using correct blocksize this time. sb_set_block... • https://git.kernel.org/stable/c/ac27a0ec112a089f1a5102bc8dffc79c8c815571 •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47118 – pid: take a reference when initializing `cad_pid`
https://notcve.org/view.php?id=CVE-2021-47118
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot, kernel_init_freeable() initializes `cad_pid` to the init task's struct pid. Later on, we may change `cad_pid` via a sysctl, and when this happens proc_do_cad_pid() will increment the refcount on the new pid via get_pid(), and will decrement the refcount on the old pid via put_pid(). As we never called get_pid() when we initialized `cad_pid`, we decrement a reference we never... • https://git.kernel.org/stable/c/9ec52099e4b8678a60e9f93e41ad87885d64f3e6 • CWE-416: Use After Free •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47117 – ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
https://notcve.org/view.php?id=CVE-2021-47117
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117] Internal error: Oops - BUG: 0 [#1] SMP ...... [130747.334329] Call trace: [130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975] ext4_cache_extents+0x64/0xe8 [ext4] [130747.335368] ext4_find_extent+0x300/0x330 ... • https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47116 – ext4: fix memory leak in ext4_mb_init_backend on error path.
https://notcve.org/view.php?id=CVE-2021-47116
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_mb_init_backend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large s_log_groups_per_flex. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: corrige la pérdida de memoria en ext4_mb_init_backend en la ruta de error. Solucione una pérdida de memoria descubierta por syzbot cuando un sistema de archivos está dañado con un s_log_groups_... • https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49 •