CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47268 – usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port
https://notcve.org/view.php?id=CVE-2021-47268
21 May 2024 — [ 111.517018] Unable to handle kernel paging request at virtual address ffff8000118cb880 [ 111.518786] blk_update_request: I/O error, dev sda, sector 60061185 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 111.526594] Mem abort info: [ 111.526597] ESR = 0x96000047 [ 111.526600] EC = 0x25: DABT (current EL), IL = 32 bits [ 111.526604] SET = 0, FnV = 0 [ 111.526607] EA = 0, S1PTW = 0 [ 111.526610] Data abort info: [ 111.526612] ISV = 0, ISS = 0x00000047 [ 111.526615] CM = 0, WnR = 1 [ 111.526619] swapper p... • https://git.kernel.org/stable/c/3ed8e1c2ac9914a2fcb08ec13476b85319536cea •
CVSS: 6.3EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47267 – usb: fix various gadget panics on 10gbps cabling
https://notcve.org/view.php?id=CVE-2021-47267
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbps cabling usb_assign_descriptors() is called with 5 parameters, the last 4 of which are the usb_descriptor_header for: full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps), high-speed (USB2.0 - 480Mbps), super-speed (USB3.0 - 5Gbps), super-speed-plus (USB3.1 - 10Gbps). In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadget panics on 10gbp... • https://git.kernel.org/stable/c/fd24be23abf3e94260be0f00bb42c7e91d495f87 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47266 – RDMA/ipoib: Fix warning caused by destroying non-initial netns
https://notcve.org/view.php?id=CVE-2021-47266
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the device vanish instead of moving it back to the initial netns, This is happening because default_device_exit() skips the interfaces due to having rtnl_link_ops set. In the Linux kernel, the following ... • https://git.kernel.org/stable/c/dc1d4c658b9c123e31054fffcbc0b23566694b1a •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47265 – RDMA: Verify port when creating flow rule
https://notcve.org/view.php?id=CVE-2021-47265
21 May 2024 — Call trace: _create_flow_rule+0x2d4/0xf28 [mlx5_ib] mlx5_ib_create_flow+0x2d0/0x5b0 [mlx5_ib] ib_uverbs_ex_create_flow+0x4cc/0x624 [ib_uverbs] ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0xd4/0x150 [ib_uverbs] ib_uverbs_cmd_verbs.isra.7+0xb28/0xc50 [ib_uverbs] ib_uverbs_ioctl+0x158/0x1d0 [ib_uverbs] do_vfs_ioctl+0xd0/0xaf0 ksys_ioctl+0x84/0xb4 __arm64_sys_ioctl+0x28/0xc4 el0_svc_common.constprop.3+0xa4/0x254 el0_svc_handler+0x84/0xa0 el0_svc+0x10/0x26c Code: b9401260 f9615681 51000400 8b001c20 (f9403c1a) E... • https://git.kernel.org/stable/c/436f2ad05a0b65b1467ddf51bc68171c381bf844 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47264 – ASoC: core: Fix Null-point-dereference in fmt_single_name()
https://notcve.org/view.php?id=CVE-2021-47264
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix Null-point-dereference in fmt_single_name() Check the return value of devm_kstrdup() in case of Null-point-dereference. In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix Null-point-dereference in fmt_single_name() Check the return value of devm_kstrdup() in case of Null-point-dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: core: corr... • https://git.kernel.org/stable/c/45dd9943fce08f1b38352ff9453682253bdf19b7 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47263 – gpio: wcd934x: Fix shift-out-of-bounds error
https://notcve.org/view.php?id=CVE-2021-47263
21 May 2024 — La máscara de bits para los pines 0 a 4 es BIT(0) a BIT(4); sin embargo, terminamos con BIT( n - 1) lo cual no es correcto, y esto fue detectado por la siguiente verificación USB UBSAN: shift-out-of-bounds in drivers/gpio/gpio-wcd934x.c:34:14 In the Linux kernel, the following vulnerability has been resolved: gpio: wcd934x: Fix shift-out-of-bounds error bit-mask for pins 0 to 4 is BIT(0) to BIT(4) however we ended up with BIT(n - 1) which is not right, and this was caught by below usban check UBSAN: ... • https://git.kernel.org/stable/c/59c324683400b41caa6d85b091e812ee3d5415c3 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47262 – KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message
https://notcve.org/view.php?id=CVE-2021-47262
21 May 2024 — kvm_nested_vmenter_failed: ' WARNING: CPU: 3 PID: 140134 at kernel/trace/trace.c:3759 trace_check_vprintf+0x3be/0x3e0 CPU: 3 PID: 140134 Comm: less Not tainted 5.13.0-rc1-ce2e73ce600a-req #184 Hardware name: ASUS Q87M-E/Q87M-E, BIOS 1102 03/03/2014 RIP: 0010:trace_check_vprintf+0x3be/0x3e0 Code: <0f> 0b 44 8b 4c 24 1c e9 a9 fe ff ff c6 44 02 ff 00 49 8b 97 b0 20 RSP: 0018:ffffa895cc37bcb0 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffffa895cc37bd08 RCX: 0000000000000027 RDX: 0000000000000027 RSI: 00000000ff... • https://git.kernel.org/stable/c/380e0055bc7e4a5c687436ba3ccebb4667836b95 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47261 – IB/mlx5: Fix initializing CQ fragments buffer
https://notcve.org/view.php?id=CVE-2021-47261
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQ fragments buffer cq->buf, or the temporary cq->resize_buf that is filled during CQ resize operation. In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQ fragments buffer cq... • https://git.kernel.org/stable/c/388ca8be00370db132464e27f745b8a0add19fcb •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47260 – NFS: Fix a potential NULL dereference in nfs_get_client()
https://notcve.org/view.php?id=CVE-2021-47260
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfs_get_client() None of the callers are expecting NULL returns from nfs_get_client() so this code will lead to an Oops. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential NULL dereference in nfs_get_client() None of the callers are expecting NULL returns from nfs_get_client() so this code will lead to an Oops. ... En el kernel de Linux, se r... • https://git.kernel.org/stable/c/31434f496abb9f3410b10f541462fe58613dd3ad •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47259 – NFS: Fix use-after-free in nfs4_init_client()
https://notcve.org/view.php?id=CVE-2021-47259
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4_init_client() KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4_init_client() KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same serv... • https://git.kernel.org/stable/c/8dcbec6d20eb881ba368d0aebc3a8a678aebb1da • CWE-416: Use After Free •