CVSS: 4.1 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2021-47344 – media: zr364xx: fix memory leak in zr364xx_start_readpipe
https://notcve.org/view.php?id=CVE-2021-47344
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xx_start_readpipe syzbot reported a memory leak in the zr364xx driver. The problem was in a non-freed urb in case usb_submit_urb() fails. backtrace: [
CVSS: 5.3 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2021-47343 – dm btree remove: assign new_root only when removal succeeds
https://notcve.org/view.php?id=CVE-2021-47343
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to an IO read error (e.g. reading the content of the origin block fails during shadowing), and the value of shadow_spine::root is uninitialized, but the uninitialized value is still assigned to new_root at the end of dm_btree_remove(). For dm-thin, the value of pmd->details_root or pmd->root will become an uninitialized value, so if trying to read... • https://git.kernel.org/stable/c/3241b1d3e0aaafbfcd320f4d71ade629728cc4f4 •
CVSS: 5.5 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2021-47340 – jfs: fix GPF in diFree
https://notcve.org/view.php?id=CVE-2021-47340
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GPF will appear: struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap *imap = JFS_IP(ipimap)->i_imap; JFS_IP() will return an invalid pointer when ipimap == NULL Call Trace: diFree+0x13d/0x2dc0 fs/jfs/jfs_imap.c:853 [1] jfs_evict_inode+0x2c9/0x370 fs/jfs/inode.c:154 evict+0x2ed/0x750 fs/inode.c:578 iput_final fs/inode.c:1654 [inline]... • https://git.kernel.org/stable/c/62aff86fdf18657d9eca7878654415f94f16d027 •
CVSS: 5.5 • EPSS: 0% • CPEs: 8 • EXPL: 0 • CVE-2021-47337 – scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
https://notcve.org/view.php?id=CVE-2021-47337
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform host cleanup with the assumption that IDA removal and stopping the kthread would properly be performed in scsi_host_dev_release(). However, in the unlikely case that the error handler thread fails to spawn, shost->ehandler is set to E... • https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a •
CVSS: 8.4 • EPSS: 0% • CPEs: 8 • EXPL: 0 • CVE-2021-47336 – smackfs: restrict bytes count in smk_set_cipso()
https://notcve.org/view.php?id=CVE-2021-47336
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso() Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: [PATCH] smackfs: restrict bytes count in smk_set_cipso() Commit 7ef4c19d245f3dc2 ("smackfs: restrict bytes count in smackfs write functions") missed that count > SMK_CIPSOMAX check applies to only format == SMK_FIXED24_FMT case. ... • https://git.kernel.org/stable/c/f7112e6c9abf1c70f001dcf097c1d6e218a93f5c •
CVSS: 9.3 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2021-47335 – f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances
https://notcve.org/view.php?id=CVE-2021-47335
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances As syzbot reported, there is a use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 (in kfence-#10): kmem_cache_destroy+0x1f/0x120 mm/slab_common.c:486 f2fs_recover_fsync_data+0x75b0/0x8380 fs/f2fs/recovery.c:869 f2fs_fill_super+0x9393/0xa420 fs/f2fs/super.c:3945 mount_bdev+0x26c/0x3a0 fs/super.c:1367 legacy_get_tree+0xea/0x180 fs/f... • https://git.kernel.org/stable/c/98e4da8ca301e062d79ae168c67e56f3c3de3ce4 •
CVSS: 7.8 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2021-47334 – misc/libmasm/module: Fix two use after free in ibmasm_init_one
https://notcve.org/view.php?id=CVE-2021-47334
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device(), and assigned to sp->remote.mouse_dev and sp->remote.keybd_dev respectively. In the err_free_devices error branch of ibmasm_init_one, mouse_dev and keybd_dev are freed by input_free_device(), and return error. Then the... • https://git.kernel.org/stable/c/736ce43295682d060f2b93624b4a339f9af6aab1 •
CVSS: 3.3 • EPSS: 0% • CPEs: 9 • EXPL: 0 • CVE-2021-47330 – tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
https://notcve.org/view.php?id=CVE-2021-47330
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' is leaking. Add a resource handling path to free this memory. ... • https://git.kernel.org/stable/c/15b99ac1729503db9e6dc642a50b9b6cb3bf51f9 •
CVSS: 6.2 • EPSS: 0% • CPEs: 5 • EXPL: 0 • CVE-2021-47329 – scsi: megaraid_sas: Fix resource leak in case of probe failure
https://notcve.org/view.php?id=CVE-2021-47329
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix resource leak in case of probe failure The driver doesn't clean up all the allocated resources properly when scsi_add_host(), megasas_start_aen() function fails during the PCI device probe. Clean up all those resources. ... • https://git.kernel.org/stable/c/541f90b7c6dffe4cf4a3e8142ac8bd047da94733 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8 • EPSS: 0% • CPEs: 10 • EXPL: 0 • CVE-2021-47328 – scsi: iscsi: Fix conn use after free during resets
https://notcve.org/view.php?id=CVE-2021-47328
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done an unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait. We can only do one TMF per session so this just moves the TMF fields from the conn to the session. We can then rely on the iscsi_session_teardown->iscsi_remove_session->__iscsi_unbind_session call to remove the ... • https://git.kernel.org/stable/c/660d0831d1494a6837b2f810d08b5be092c1f31d •
