CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47299 – xdp, net: Fix use-after-free in bpf_xdp_link_release
https://notcve.org/view.php?id=CVE-2021-47299
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link(). At this point, dev_xdp_uninstall() is called. ... But link->dev already points to dev, when xdp link is released, dev will still be accessed, but dev has been released. • https://git.kernel.org/stable/c/aa8d3a716b59db6c1ad6c68fb8aa05e31980da60 •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47298 – bpf, sockmap: Fix potential memory leak on unlikely error case
https://notcve.org/view.php?id=CVE-2021-47298
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix potential memory leak on unlikely error case If skb_linearize is needed and fails we could leak a msg on the error handling. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix potential memory leak on unlikely error case If skb_linearize is needed and fails we could leak a msg on the error handling. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: b... • https://git.kernel.org/stable/c/4363023d2668e621b0743db351a9555d6e6ea57e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47297 – net: fix uninit-value in caif_seqpkt_sendmsg
https://notcve.org/view.php?id=CVE-2021-47297
21 May 2024 — ===================================================== BUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x220 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542 sock_sendmsg_nosec net/socket.c:652 [inline] sock_sendmsg net/socket.c:672 [inline] ____sys_sendmsg+0x12b6/0x1... • https://git.kernel.org/stable/c/bece7b2398d073d11b2e352405a3ecd3a1e39c60 •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47296 – KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
https://notcve.org/view.php?id=CVE-2021-47296
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: PPC: corrección de fuga de kvm_arch_vcpu_ioctl vcpu_load. ... In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. • https://git.kernel.org/stable/c/b3cebfe8c1cadf1817939dcc3688a2504a69c662 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47295 – net: sched: fix memory leak in tcindex_partial_destroy_work
https://notcve.org/view.php?id=CVE-2021-47295
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: sched: corrige la pérdida de memoria en tcindex_partial_de... • https://git.kernel.org/stable/c/331b72922c5f58d48fd5500acadc91777cc31970 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-47294 – netrom: Decrease sock refcount when sock timers expire
https://notcve.org/view.php?id=CVE-2021-47294
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use sock timer API. In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use sock timer API. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad:... • https://git.kernel.org/stable/c/ce29e8a259de767f7210d346ad2b031cb8ab2732 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47293 – net/sched: act_skbmod: Skip non-Ethernet packets
https://notcve.org/view.php?id=CVE-2021-47293
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. ... En el kernel de Linux, se h... • https://git.kernel.org/stable/c/86da71b57383d40993cb90baafb3735cffe5d800 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47292 – io_uring: fix memleak in io_init_wq_offload()
https://notcve.org/view.php?id=CVE-2021-47292
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload() I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 (size 96): comm "syz-executor.6", pid 4610, jiffies 4295140240 (age 20.135s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload(... • https://git.kernel.org/stable/c/e941894eae31b52f0fd9bdb3ce20620afa152f45 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47291 – ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
https://notcve.org/view.php?id=CVE-2021-47291
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 ("ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions"). In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While ru... • https://git.kernel.org/stable/c/f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47290 – scsi: target: Fix NULL dereference on XCOPY completion
https://notcve.org/view.php?id=CVE-2021-47290
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 ("scsi: target: core: Make completion affinity configurable") makes target_complete_cmd() queue work on a CPU based on se_tpg->se_tpg_wwn->cmd_compl_affinity state. In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with com... • https://git.kernel.org/stable/c/39ae3edda325e9cf9e978c9788affe88231f3b34 •