CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52479 – ksmbd: fix uaf in smb20_oplock_break_ack
https://notcve.org/view.php?id=CVE-2023-52479
29 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix uaf in smb20_oplock_break_ack drop reference after use opinfo. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: corrige uaf en smb20_oplock_break_ack elimina la referencia después de usar opinfo. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52478 – HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
https://notcve.org/view.php?id=CVE-2023-52478
29 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect hidpp_connect_event() has *four* time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs from a workqueue but it also runs on probe() and if a "device-connected" packet is received by the hw when the thread running hidpp_connect_event() from probe() is waiting on the hw, then a second thread running hidpp_connect_event() will... • https://git.kernel.org/stable/c/ca0c4cc1d215dc22ab0e738c9f017c650f3183f5 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52477 – usb: hub: Guard against accesses to uninitialized BOS descriptors
https://notcve.org/view.php?id=CVE-2023-52477
29 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors Many functions in drivers/usb/core/hub.c and drivers/usb/core/hub.h access fields inside udev->bos without checking if it was allocated and initialized. If usb_get_bos_descriptor() fails for whatever reason, udev->bos will be NULL and those accesses will result in a crash: BUG: kernel NULL pointer dereference, address: 0000000000000018 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP ... • https://git.kernel.org/stable/c/c64e4dca9aefd232b17ac4c779b608b286654e81 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-52476 – perf/x86/lbr: Filter vsyscall addresses
https://notcve.org/view.php?id=CVE-2023-52476
29 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses We found that a panic can occur when a vsyscall is made while LBR sampling is active. If the vsyscall is interrupted (NMI) for perf sampling, this call sequence can occur (most recent at top): __insn_get_emulate_prefix() insn_get_emulate_prefix() insn_get_prefixes() insn_get_opcode() decode_branch_type() get_branch_type() intel_pmu_lbr_filter() intel_pmu_handle_irq() perf_event_nmi_handler() Within __... • https://git.kernel.org/stable/c/403d201d1fd144cb249836dafb222f6375871c6c • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52475 – Input: powermate - fix use-after-free in powermate_config_complete
https://notcve.org/view.php?id=CVE-2023-52475
29 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete syzbot has found a use-after-free bug [1] in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermate_device struct. When an asynchronous control message completes after the kfree and its callback is invoked, the lock does not exist anymore and hence the bug. Use usb_kill_urb() on pm->config to cancel any in-progress... • https://git.kernel.org/stable/c/8677575c4f39d65bf0d719b5d20e8042e550ccb9 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47053 – crypto: sun8i-ss - Fix memory leak of pad
https://notcve.org/view.php?id=CVE-2021-47053
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix memory leak of pad It appears there are several failure return paths that don't seem to be free'ing pad. Fix these. Addresses-Coverity: ("Resource leak") En el kernel de Linux, se resolvió la siguiente vulnerabilidad: crypto: sun8i-ss - Reparar pérdida de memoria del pad Parece que hay varias rutas de retorno de fallas que no parecen liberar el pad. Arregla esto. Direcciones-Cobertura: ("Fuga de recursos") In the Linu... • https://git.kernel.org/stable/c/d9b45418a91773b7672e4c60037a28074b495c6d •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47052 – crypto: sa2ul - Fix memory leak of rxd
https://notcve.org/view.php?id=CVE-2021-47052
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: crypto: sa2ul - Fix memory leak of rxd There are two error return paths that are not freeing rxd and causing memory leaks. Fix these. Addresses-Coverity: ("Resource leak") En el kernel de Linux, se resolvió la siguiente vulnerabilidad: crypto: sa2ul - Reparar la pérdida de memoria de rxd Hay dos rutas de retorno de error que no liberan rxd y causan pérdidas de memoria. Arregla esto. Direcciones-Cobertura: ("Fuga de recursos") In the Linux k... • https://git.kernel.org/stable/c/00c9211f60db2dead16856f81a3e6ab86b31f275 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47051 – spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
https://notcve.org/view.php?id=CVE-2021-47051
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware() pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. Fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: spi: fsl-lpspi: corrige la fuga de referencia de PM en lpspi_prepare_xfer_hardware() pm... • https://git.kernel.org/stable/c/944c01a889d97dc08e1b71f4ed868f4023fd6034 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47050 – memory: renesas-rpc-if: fix possible NULL pointer dereference of resource
https://notcve.org/view.php?id=CVE-2021-47050
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource The platform_get_resource_byname() can return NULL which would be immediately dereferenced by resource_size(). Instead dereference it after validating the resource. Addresses-Coverity: Dereference null return value En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: memoria: renesas-rpc-if: corrige posible desreferencia del puntero NULL del recurso Plat... • https://git.kernel.org/stable/c/ca7d8b980b67f133317525c4273e144116ee1ae5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47049 – Drivers: hv: vmbus: Use after free in __vmbus_open()
https://notcve.org/view.php?id=CVE-2021-47049
28 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info" variable is added to the &vmbus_connection.chn_msg_list, but the error handling frees "open_info" without removing it from the list. This will result in a use after free. First remove it from the list, and then free it. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Controladores: hv: vmbus: Usar después de liberar en __vmbus_open() La variable "open_in... • https://git.kernel.org/stable/c/6f3d791f300618caf82a2be0c27456edd76d5164 •