CVE-2021-47242 – mptcp: fix soft lookup in subflow_error_report()
https://notcve.org/view.php?id=CVE-2021-47242
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflow_error_report() Maxim reported a soft lookup in subflow_error_report(): watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [swapper/0:0] RIP: 0010:native_queued_spin_lock_slowpath RSP: 0018:ffffa859c0003bc0 EFLAGS: 00000202 RAX: 0000000000000101 RBX: 0000000000000001 RCX: 0000000000000000 RDX: ffff9195c2772d88 RSI: 0000000000000000 RDI: ffff9195c2772d88 RBP: ffff9195c2772d00 R08: 00000000000067b0 R09... • https://git.kernel.org/stable/c/15cc10453398c22f78f6c2b897119ecce5e5dd89 • CWE-667: Improper Locking •
CVE-2021-47241 – ethtool: strset: fix message length calculation
https://notcve.org/view.php?id=CVE-2021-47241
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation Outer nest for ETHTOOL_A_STRSET_STRINGSETS is not accounted for. This may result in ETHTOOL_MSG_STRSET_GET producing a warning like: calculated message payload length (684) not sufficient WARNING: CPU: 0 PID: 30967 at net/ethtool/netlink.c:369 ethnl_default_doit+0x87a/0xa20 and a splat. As usually with such warnings three conditions must be met for the warning to trigger: - there... • https://git.kernel.org/stable/c/71921690f9745fef60a2bad425f30adf8cdc9da0 • CWE-266: Incorrect Privilege Assignment •
CVE-2021-47240 – net: qrtr: fix OOB Read in qrtr_endpoint_post
https://notcve.org/view.php?id=CVE-2021-47240
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix OOB Read in qrtr_endpoint_post Syzbot reported slab-out-of-bounds Read in qrtr_endpoint_post. The problem was in wrong _size_ type: if (len != ALIGN(size, 4) + hdrlen) goto err; If size from qrtr_hdr is 4294967293 (0xfffffffd), the result of ALIGN(size, 4) will be 0. In case of len == hdrlen and size == 4294967293 in header this check won't fail and skb_put_data(skb, data + hdrlen, size); will read out of bound from... • https://git.kernel.org/stable/c/194ccc88297ae78d0803adad83c6dcc369787c9e •
CVE-2021-47239 – net: usb: fix possible use-after-free in smsc75xx_bind
https://notcve.org/view.php?id=CVE-2021-47239
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind") fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, which leads to use-after-free if the work is scheduled to start after the deallocation. In addition, this patch also removes a dangling pointer - dev->data[0]. This patch calls cancel_work_sync to cancel the scheduled work and set the... • https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa •
CVE-2021-47238 – net: ipv4: fix memory leak in ip_mc_add1_src
https://notcve.org/view.php?id=CVE-2021-47238
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in ip_mc_add1_src BUG: memory leak unreferenced object 0xffff888101bc4c00 (size 32): comm "syz-executor527", pid 360, jiffies 4294807421 (age 19.329s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 01 00 00 00 00 00 00 00 ac 14 14 bb 00 00 02 00 ................ backtrace: [<00000000f17c5244>] kmalloc include/linux/slab.h:558 [inline] [<00000000f... • https://git.kernel.org/stable/c/24803f38a5c0b6c57ed800b47e695f9ce474bc3a • CWE-400: Uncontrolled Resource Consumption •
CVE-2021-47237 – net: hamradio: fix memory leak in mkiss_close
https://notcve.org/view.php?id=CVE-2021-47237
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: hamradio: fix memory leak in mkiss_close My local syzbot instance hit memory leak in mkiss_open()[1]. The problem was in missing free_netdev() in mkiss_close(). In mkiss_open() netdevice is allocated and then registered, but in mkiss_close() netdevice was only unregistered, but not freed. Fail log: BUG: memory leak unreferenced object 0xffff8880281ba000 (size 4096): comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.66... • https://git.kernel.org/stable/c/815f62bf742718458ba822a7e1f51f285eb997f2 •
CVE-2021-47236 – net: cdc_eem: fix tx fixup skb leak
https://notcve.org/view.php?id=CVE-2021-47236
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free original skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet. • https://git.kernel.org/stable/c/9f722c0978b04acba209f8ca1896ad05814bc3a3 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2021-47235 – net: ethernet: fix potential use-after-free in ec_bhf_remove
https://notcve.org/view.php?id=CVE-2021-47235
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ec_bhf_remove static void ec_bhf_remove(struct pci_dev *dev) { ... struct ec_bhf_priv *priv = netdev_priv(net_dev); unregister_netdev(net_dev); free_netdev(net_dev); pci_iounmap(dev, priv->dma_io); pci_iounmap(dev, priv->io); ... } priv is netdev private data, but it is used after free_netdev(). It can cause use-after-free when accessing priv pointer. So, fix it by moving free_netdev(... • https://git.kernel.org/stable/c/6af55ff52b02d492d45db88df3e461fa51a6f753 •
CVE-2021-47234 – phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init()
https://notcve.org/view.php?id=CVE-2021-47234
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() Use clk_disable_unprepare() in the error path of mtk_phy_init() to fix some resource leaks. • https://git.kernel.org/stable/c/9a17907946232d01aa2ec109da5f93b8d31dd425 •
CVE-2021-47233 – regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL
https://notcve.org/view.php?id=CVE-2021-47233
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL devm_gpiod_get_array_optional may return NULL if no GPIO was assigned. • https://git.kernel.org/stable/c/ba8a26a7ce8617f9f3d6230de34b2302df086b41 •