CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47390 – KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()
https://notcve.org/view.php?id=CVE-2021-47390
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm] Read of size 8 at addr ffffc9001364f638 by task qemu-kvm/4798 CPU: 0 PID: 4798 Comm: qemu-kvm Tainted: G X --------- --- Hardware name: AMD Corporation DAYTONA_X/DAYTONA_X, BIOS RYM0081C 07/13/2020 Call Trace: dump_stack+0xa5/0xe6 print_address... • https://git.kernel.org/stable/c/7ee30bc132c683d06a6d9e360e39e483e3990708 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47389 – KVM: SVM: fix missing sev_decommission in sev_receive_start
https://notcve.org/view.php?id=CVE-2021-47389
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad... • https://git.kernel.org/stable/c/af43cbbf954b50ca97d5e7bb56c2edc6ffd209ef • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47388 – mac80211: fix use-after-free in CCMP/GCMP RX
https://notcve.org/view.php?id=CVE-2021-47388
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to the RX struct so we can later use it to do a comparison, since commit bf30ca922a0c ("mac80211: check defrag PN against current frame"). In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentatio... • https://git.kernel.org/stable/c/608b0a2ae928a74a2f89e02227339dd79cdb63cf •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47387 – cpufreq: schedutil: Use kobject release() method to free sugov_tunables
https://notcve.org/view.php?id=CVE-2021-47387
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't free it directly. In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't free it directly. ... En el kernel de Linux, se ha resuelto... • https://git.kernel.org/stable/c/9bdcb44e391da5c41b98573bf0305a0e0b1c9569 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47386 – hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field
https://notcve.org/view.php?id=CVE-2021-47386
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!... Found by Linux Driver Verification project (linuxtesting.org). Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multi-line alignment] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: h... • https://git.kernel.org/stable/c/44d3c480e4e2a75bf6296a18b4356157991ccd80 • CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47385 – hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
https://notcve.org/view.php?id=CVE-2021-47385
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!... Found by Linux Driver Verification project (linuxtesting.org). Found by Linux Driver Verification project (linuxtesting.org). [groeck: Dropped unnecessary continuation lines, fixed multipline alignment] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: h... • https://git.kernel.org/stable/c/200ced5ba724d8bbf29dfac4ed1e17a39ccaccd1 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47384 – hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field
https://notcve.org/view.php?id=CVE-2021-47384
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field If driver read tmp value sufficient for (tmp & 0x08) && (!... Found by Linux Driver Verification project (linuxtesting.org). Found by Linux Driver Verification project (linuxtesting.org). ... Encontrado por el proyecto de verificación de controladores de Linux (linuxtesting.org). ... • https://git.kernel.org/stable/c/6cb01fe630eaffc5a2c3f7364436caddba286623 •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47383 – tty: Fix out-of-bound vmalloc access in imageblit
https://notcve.org/view.php?id=CVE-2021-47383
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bits_per_pixel with values. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINF... • https://git.kernel.org/stable/c/7e71fcedfda6f7de18f850a6b36e78d78b04476f • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47382 – s390/qeth: fix deadlock during failing recovery
https://notcve.org/view.php?id=CVE-2021-47382
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 ("s390/qeth: fix deadlock during recovery") removed taking discipline_mutex inside qeth_do_reset(), fixing potential deadlocks. In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 ("s390/qeth: fix deadlock during recovery") removed taking discipline_mutex inside qeth_do_reset()... • https://git.kernel.org/stable/c/b41b554c1ee75070a14c02a88496b1f231c7eacc •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47381 – ASoC: SOF: Fix DSP oops stack dump output contents
https://notcve.org/view.php?id=CVE-2021-47381
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Fix DSP oops stack dump output contents Fix @buf arg given to hex_dump_to_buffer() and stack address used in dump error output. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Fix DSP oops stack dump output contents Fix @buf arg given to hex_dump_to_buffer() and stack address used in dump error output. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ASoC: SOF: co... • https://git.kernel.org/stable/c/e657c18a01c85d2c4ec0e96d52be8ba42b956593 •