CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46964 – scsi: qla2xxx: Reserve extra IRQ vectors
https://notcve.org/view.php?id=CVE-2021-46964
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e ("scsi: qla2xxx: Limit interrupt vectors to number of CPUs") lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector allocation assumptions in qla83xx_iospace_config(), qla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions computes maximum number of qpairs as: ha->max_qpairs = ha->msix_count - 1 (MB interrupt) - 1 (default respo... • https://git.kernel.org/stable/c/a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46963 – scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
https://notcve.org/view.php?id=CVE-2021-46963
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_directly+0x128/0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now allocated by upper layers. This fixes smatch warning of srb unintended free. En el kernel de Linux, se ha resuelto la si... • https://git.kernel.org/stable/c/64a8c5018a4b21b04a756a56c495ef47c14e92d9 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46962 – mmc: uniphier-sd: Fix a resource leak in the remove function
https://notcve.org/view.php?id=CVE-2021-46962
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: mmc: uniphier-sd: Fix a resource leak in the remove function A 'tmio_mmc_host_free()' call is missing in the remove function, in order to balance a 'tmio_mmc_host_alloc()' call in the probe. This is done in the error handling path of the probe, but not in the remove function. Add the missing call. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: uniphier-sd: corrige una fuga de recursos en la función de eliminación Fa... • https://git.kernel.org/stable/c/3fd784f745dd1747863775a99ec749619ee6759c •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46961 – irqchip/gic-v3: Do not enable irqs when handling spurious interrups
https://notcve.org/view.php?id=CVE-2021-46961
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Do not enable irqs when handling spurious interrups We triggered the following error while running our 4.19 kernel with the pseudo-NMI patches backported to it: [ 14.816231] ------------[ cut here ]------------ [ 14.816231] kernel BUG at irq.c:99! [ 14.816232] Internal error: Oops - BUG: 0 [#1] SMP [ 14.816232] Process swapper/0 (pid: 0, stack limit = 0x(____ptrval____)) [ 14.816233] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G ... • https://git.kernel.org/stable/c/3f1f3234bc2db1c16b9818b9a15a5d58ad45251c •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-46960 – cifs: Return correct error code from smb2_get_enc_key
https://notcve.org/view.php?id=CVE-2021-46960
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947] ------------[ cut here ]------------ [440700.386948] err = 1 [440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70 ... [440700.397304] CPU: 11 PID: 2733 Comm... • https://git.kernel.org/stable/c/61cfac6f267dabcf2740a7ec8a0295833b28b5f5 •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2021-46958 – btrfs: fix race between transaction aborts and fsyncs leading to use-after-free
https://notcve.org/view.php?id=CVE-2021-46958
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an use-after-free of the log root tree. When this happens, it results in a stack trace like the following: BTRFS info (device dm-0): forced readonly BTRFS warning (device dm-0): Skipping commit of aborted transaction. BTRFS: er... • https://git.kernel.org/stable/c/ef67963dac255b293e19815ea3d440567be4626f •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-46957 – riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe
https://notcve.org/view.php?id=CVE-2021-46957
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe The execution of sys_read end up hitting a BUG_ON() in __find_get_block after installing kprobe at sys_read, the BUG message like the following: [ 65.708663] ------------[ cut here ]------------ [ 65.709987] kernel BUG at fs/buffer.c:1251! [ 65.711283] Kernel BUG [#1] [ 65.712032] Modules linked in: [ 65.712925] CPU: 0 PID: 51 Comm: sh Not tainted 5.12.0-rc4 #1 [ 65.7144... • https://git.kernel.org/stable/c/c22b0bcb1dd024cb9caad9230e3a387d8b061df5 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46956 – virtiofs: fix memory leak in virtio_fs_probe()
https://notcve.org/view.php?id=CVE-2021-46956
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: virtiofs: fix memory leak in virtio_fs_probe() When accidentally passing twice the same tag to qemu, kmemleak ended up reporting a memory leak in virtiofs. Also, looking at the log I saw the following error (that's when I realised the duplicated tag): virtiofs: probe of virtio5 failed with error -17 Here's the kmemleak log for reference: unreferenced object 0xffff888103d47800 (size 1024): comm "systemd-udevd", pid 118, jiffies 4294893780 (a... • https://git.kernel.org/stable/c/a62a8ef9d97da23762a588592c8b8eb50a8deb6a •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-46955 – openvswitch: fix stack OOB read while fragmenting IPv4 packets
https://notcve.org/view.php?id=CVE-2021-46955
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60 Read of size 1 at addr ffff888112fc713c by task handler2/1367 CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418 Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+40... • https://git.kernel.org/stable/c/119bbaa6795a4f4aed46994cc7d9ab01989c87e3 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-46954 – net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets
https://notcve.org/view.php?id=CVE-2021-46954
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets when 'act_mirred' tries to fragment IPv4 packets that had been previously re-assembled using 'act_ct', splats like the following can be observed on kernels built with KASAN: BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60 Read of size 1 at addr ffff888147009574 by task ping/947 CPU: 0 PID: 947 Comm: ping Not tainted 5.12.0-rc6+ #418 Hardware name: Red Hat... • https://git.kernel.org/stable/c/c129412f74e99b609f0a8e95fc3915af1fd40f34 • CWE-125: Out-of-bounds Read •