CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47169 – serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
https://notcve.org/view.php?id=CVE-2021-47169
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if the firmware don't exists, function just return without initializing ports of 'rp2_card'. But now the interrupt handler function has been registered, and when an interrupt comes, 'rp2_uart_interrupt' may access those ports then causing ... • https://git.kernel.org/stable/c/1e04d5d5fe5e76af68f834e1941fcbfa439653be •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47168 – NFS: fix an incorrect limit in filelayout_decode_layout()
https://notcve.org/view.php?id=CVE-2021-47168
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the ->data[] buffer. I reversed the size of the arguments to put the variable on the left. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: NFS: corrige un límite incorrecto en filelayout_decode_layout() El "sizeof(struct nfs_... • https://git.kernel.org/stable/c/16b374ca439fb406e46e071f75428f5b033056f8 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47167 – NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
https://notcve.org/view.php?id=CVE-2021-47167
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change the test in nfs_pageio_do_add_request() to be more robust by checking whether or not the list is empty rather than relying on the value of pg_count. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFS: corrija una condic... • https://git.kernel.org/stable/c/a7d42ddb3099727f58366fa006f850a219cce6c8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47166 – NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
https://notcve.org/view.php?id=CVE-2021-47166
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: NFS: no corrompa el valor de pg_bytes_writing en nfs_do_recoalesce() El valor de mirror->pg_bytes_write solo debe actualizarse después de un intento exitoso de eliminar las solic... • https://git.kernel.org/stable/c/a7d42ddb3099727f58366fa006f850a219cce6c8 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47165 – drm/meson: fix shutdown crash when component not probed
https://notcve.org/view.php?id=CVE-2021-47165
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000038 ... pc : meson_drv_shutdown+0x24/0x50 lr : platform_drv_shutdown+0x20/0x30 ... Call trace: meson_drv_shutdown+0x24/0x50 platform_drv_shutdown+0x20/0x30 dev... • https://git.kernel.org/stable/c/8a5160cc8488776ddc48ea045860dab015f47390 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47164 – net/mlx5e: Fix null deref accessing lag dev
https://notcve.org/view.php?id=CVE-2021-47164
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is without an upper dev. After setting the upper dev with bond_master_upper_dev_link() there is a second event and in that event we have an upper dev. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: corrigió el dere... • https://git.kernel.org/stable/c/7e51891a237f9ea319f53f9beb83afb0077d88e6 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47163 – tipc: wait and exit until all work queues are done
https://notcve.org/view.php?id=CVE-2021-47163
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are done On some host, a crash could be triggered simply by repeating these commands several times: # modprobe tipc # tipc bearer enable media udp name UDP1 localip 127.0.0.1 # rmmod tipc [] BUG: unable to handle kernel paging request at ffffffffc096bb00 [] Workqueue: events 0xffffffffc096bb00 [] Call Trace: [] ? process_one_work+0x1a7/0x360 [] ? worker_thread+0x30/0x390 [] ? create_worker+0x1a0/0x1... • https://git.kernel.org/stable/c/d0f91938bede204a343473792529e0db7d599836 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-47162 – tipc: skb_linearize the head skb when reassembling msgs
https://notcve.org/view.php?id=CVE-2021-47162
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: tipc: skb_linearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by pskb_copy() where the frag_list was cloned (all the skbs in it were skb_get'ed) and shared by multiple skbs. However, the new appended frag skb should have been only seen by the current skb. Otherwise, it will cause use after free crashes as... • https://git.kernel.org/stable/c/45c8b7b175ceb2d542e0fe15247377bf3bce29ec •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47161 – spi: spi-fsl-dspi: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2021-47161
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the remove function En el kernel de Linux, se resolvió la siguiente vulnerabilidad: spi: spi-fsl-dspi: reparar una fuga de recursos en una ruta de manejo de errores 'dspi_request_dma()' debe deshacerse mediante una llamada 'dspi_release_dma(... • https://git.kernel.org/stable/c/90ba37033cb94207e97c4ced9be575770438213b • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47160 – net: dsa: mt7530: fix VLAN traffic leaks
https://notcve.org/view.php?id=CVE-2021-47160
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge vlan_filtering 1 ip link add br1 type bridge vlan_filtering 1 ip link set swp0 master br0 ip link set swp1 master br1 ip link set br0 type bridge vlan_filtering 0 ip link set br1 type bridge vlan_filtering 0 # traffic in br0 and br1 will... • https://git.kernel.org/stable/c/83163f7dca5684816d01c8ccf4857aa74801e7b7 •