CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47158 – net: dsa: sja1105: add error handling in sja1105_setup()
https://notcve.org/view.php?id=CVE-2021-47158
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup() If any of sja1105_static_config_load(), sja1105_clocking_setup() or sja1105_devlink_setup() fails, we can't just return in the middle of sja1105_setup() or memory will leak. Add a cleanup path. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: sja1105: agregue manejo de errores en sja1105_setup() Si alguno de sja1105_static_config_load(), sja1105_clocking_se... • https://git.kernel.org/stable/c/8aa9ebccae87621d997707e4f25e53fddd7e30e4 •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47153 – i2c: i801: Don't generate an interrupt on bus reset
https://notcve.org/view.php?id=CVE-2021-47153
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt handler (i801_isr) is not prepared for this situation and will try to process the interrupt as if it was signaling the end of a successful transaction. In the case of a block transaction, this can result in an out-of... • https://git.kernel.org/stable/c/636752bcb5177a301d0266270661581de8624828 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47152 – mptcp: fix data stream corruption
https://notcve.org/view.php?id=CVE-2021-47152
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to 'mptcp_frag_can_collapse_to()' assuming that only MPTCP will use the given page_frag. If others - e.g. the plain TCP protocol - allocate page fragments, we can end-up re-using already allocated memory for mptcp_data_frag. Fix... • https://git.kernel.org/stable/c/18b683bff89d46ace55f12d00c0440d44d6160c4 •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47151 – interconnect: qcom: bcm-voter: add a missing of_node_put()
https://notcve.org/view.php?id=CVE-2021-47151
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexión: qcom: bcm-voter: agregar un of_node_put() faltante. Agregue un of_node_put() faltante en of_bcm_voter_get() para evitar la fuga de referencia. In the Linux kernel, the following vulnerability has been resolved: interconnect:... • https://git.kernel.org/stable/c/976daac4a1c581e5d5fd64047519fd6fcde39738 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47150 – net: fec: fix the potential memory leak in fec_enet_init()
https://notcve.org/view.php?id=CVE-2021-47150
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory allocated for the queues is failed, it can return error directly. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fec: soluciona la posible pérdida de memoria en fec_enet_init() Si la memoria asignada para cbd_... • https://git.kernel.org/stable/c/59d0f746564495c7f54526674deabfcf101236a1 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47149 – net: fujitsu: fix potential null-ptr-deref
https://notcve.org/view.php?id=CVE-2021-47149
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of failure. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fujitsu: corrige el potencial null-ptr-deref En fmvj18x_get_hwinfo(), si ioremap falla, habrá un puntero NULL deref. Para solucionar este problema, verifique ... • https://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6 •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47148 – octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()
https://notcve.org/view.php?id=CVE-2021-47148
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context() This function is called from ethtool_set_rxfh() and "*rss_context" comes from the user. Add some bounds checking to prevent memory corruption. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: octeontx2-pf: corrige un desbordamiento del búfer en otx2_set_rxfh_context() Esta función se llama desde ethtool_set_rxfh() y "*rss_context" proviene del usuario. Agregue a... • https://git.kernel.org/stable/c/81a4362016e7d8b17031fe1aa43cdb58a7f0f163 •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47147 – ptp: ocp: Fix a resource leak in an error handling path
https://notcve.org/view.php?id=CVE-2021-47147
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pci_ioremap_bar()' call, it must be undone by a corresponding 'pci_iounmap()' call, as already done in the remove function. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptp: ocp: corrige una fuga de recursos en una ruta de manejo de errores. Si se produce un error después de una llamada exitosa a 'pci_ioremap_bar()', se debe ... • https://git.kernel.org/stable/c/a7e1abad13f3f0366ee625831fecda2b603cdc17 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47146 – mld: fix panic in mld_newpack()
https://notcve.org/view.php?id=CVE-2021-47146
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack() mld_newpack() doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skb_put(). Test commands: ip netns del A ip netns del B ip netns add A ip netns add B ip link add veth0 type veth peer name veth1 ip link set veth0 netns A ip link set veth1 netns B ip netns exec A ip link set lo up ip netns exec A ip link set veth0 up ip ne... • https://git.kernel.org/stable/c/72e09ad107e78d69ff4d3b97a69f0aad2b77280f •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47145 – btrfs: do not BUG_ON in link_to_fixup_dir
https://notcve.org/view.php?id=CVE-2021-47145
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014 RIP: 0010:link_to_fixup_dir+0xd5/0xe0 RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216 RAX: fffffffffffffffb RBX: 00000000fffffff... • https://git.kernel.org/stable/c/76bfd8ac20bebeae599452a03dfc5724c0475dcf •