CVE-2021-47473 – scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
https://notcve.org/view.php?id=CVE-2021-47473
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change: bsg_job->request->msgcode == FC_BSG_HST_ELS_NOLOGIN bsg_job->request->msgcode !... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qla2xxx: corrige una pérdida de memoria en una ruta de error de qla2x00_process_els() Commit 8c0eb596baa5 ("[SCSI] qla2xxx: corrige una pérdida de memoria en una ruta de error de qla2x00_process_els()" ), destinado a cambiar: bsg_job->request->msgcode == FC_BSG_HST_ELS_NOLOGIN bsg_job->request->msgcode ! • https://git.kernel.org/stable/c/8c0eb596baa51f2b43949c698c644727ef17805c https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad •
CVE-2021-47471 – drm: mxsfb: Fix NULL pointer dereference crash on unload
https://notcve.org/view.php?id=CVE-2021-47471
In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference crash on unload The mxsfb->crtc.funcs may already be NULL when unloading the driver, in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from mxsfb_unload() leads to NULL pointer dereference. Since all we care about is masking the IRQ and mxsfb->base is still valid, just use that to clear and mask the IRQ. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm: mxsfb: corrige el fallo de desreferencia del puntero NULL al descargar Es posible que mxsfb->crtc.funcs ya sea NULL al descargar el controlador, en cuyo caso se llama a mxsfb_irq_disable() a través de drm_irq_uninstall() desde mxsfb_unload() conduce a la desreferencia del puntero NULL. • https://git.kernel.org/stable/c/ae1ed0093281939b80664a687689f12436c0e874 https://git.kernel.org/stable/c/f40c2281d2c0674d32ba732fee45222d76495472 https://git.kernel.org/stable/c/b0e6db0656ddfd8bb57303c2ef61ee1c1cc694a8 https://git.kernel.org/stable/c/3cfc183052c3dbf8eae57b6c1685dab00ed3db4a • CWE-476: NULL Pointer Dereference •
CVE-2021-47470 – mm, slub: fix potential use-after-free in slab_debugfs_fops
https://notcve.org/view.php?id=CVE-2021-47470
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential use-after-free in slab_debugfs_fops When sysfs_slab_add failed, we shouldn't call debugfs_slab_add() for s because s will be freed soon. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mm, slub: corrige el posible use-after-free en slab_debugfs_fops Cuando sysfs_slab_add falla, no debemos llamar a debugfs_slab_add() para s porque s se liberará pronto. • https://git.kernel.org/stable/c/64dd68497be76ab4e237cca06f5324e220d0f050 https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83 https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c •
CVE-2021-47469 – spi: Fix deadlock when adding SPI controllers on SPI buses
https://notcve.org/view.php?id=CVE-2021-47469
In the Linux kernel, the following vulnerability has been resolved: spi: Fix deadlock when adding SPI controllers on SPI buses Currently we have a global spi_add_lock which we take when adding new devices so that we can check that we're not trying to reuse a chip select that's already controlled. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: soluciona el punto muerto al agregar controladores SPI en buses SPI. • https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0 •
CVE-2021-47468 – isdn: mISDN: Fix sleeping function called from invalid context
https://notcve.org/view.php?id=CVE-2021-47468
In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: Fix sleeping function called from invalid context The driver can call card->isac.release() function from an atomic context. Fix this by calling this function after releasing the lock. The following log reveals it: [ 44.168226 ] BUG: sleeping function called from invalid context at kernel/workqueue.c:3018 [ 44.168941 ] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5475, name: modprobe [ 44.169574 ] INFO: lockdep is turned off. [ 44.169899 ] irq event stamp: 0 [ 44.170160 ] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 44.170627 ] hardirqs last disabled at (0): [<ffffffff814209ed>] copy_process+0x132d/0x3e00 [ 44.171240 ] softirqs last enabled at (0): [<ffffffff81420a1a>] copy_process+0x135a/0x3e00 [ 44.171852 ] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 44.172318 ] Preemption disabled at: [ 44.172320 ] [<ffffffffa009b0a9>] nj_release+0x69/0x500 [netjet] [ 44.174441 ] Call Trace: [ 44.174630 ] dump_stack_lvl+0xa8/0xd1 [ 44.174912 ] dump_stack+0x15/0x17 [ 44.175166 ] ___might_sleep+0x3a2/0x510 [ 44.175459 ] ? ... kfree+0x13e/0x290 [ 44.181438 ] flush_work+0x17/0x20 [ 44.181695 ] mISDN_freedchannel+0xe8/0x100 [ 44.182006 ] isac_release+0x210/0x260 [mISDNipac] [ 44.182366 ] nj_release+0xf6/0x500 [netjet] [ 44.182685 ] nj_remove+0x48/0x70 [netjet] [ 44.182989 ] pci_device_remove+0xa9/0x250 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: isdn: mISDN: corrige la función de suspensión llamada desde un contexto no válido. • https://git.kernel.org/stable/c/6f95c97e0f9d6eb39c3f2cb45e8fa4268d1b372b https://git.kernel.org/stable/c/ef269a8808cb1759245a98a7fe16fceaebad894c https://git.kernel.org/stable/c/37e4f57b22cc5ebb3f80cf0f74fdeb487f082367 https://git.kernel.org/stable/c/a5b34409d3fc52114c828be4adbc30744fa3258b https://git.kernel.org/stable/c/4054b869dc263228d30a4755800b78f0f2ba0c89 https://git.kernel.org/stable/c/9f591cbdbed3d7822b2bdba89b34a6d7b434317d https://git.kernel.org/stable/c/f5966ba53013149bcf94e1536644a958dd00a026 https://git.kernel.org/stable/c/6510e80a0b81b5d814e3aea6297ba42f5 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •