CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47402 – net: sched: flower: protect fl_walk() with rcu
https://notcve.org/view.php?id=CVE-2021-47402
In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect fl_walk() with rcu Patch that refactored fl_walk() to use idr_for_each_entry_continue_ul() also removed rcu protection of individual filters which causes following use-after-free when filter is deleted concurrently. ... exit_to_user_mode_prepare+0x32/0x160 [ 352.830845] do_syscall_64+0x35/0x80 [ 352.831445] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 352.832331] RIP: 0033:0x7f7bee973c17 [ ---truncated--- En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: sched: flower: protege fl_walk() con rcu. • https://git.kernel.org/stable/c/d39d714969cda5cbda291402c8c6b1fb1047f42e https://git.kernel.org/stable/c/694b0cee7f8546b69a80996a29cb3cf4149c0453 https://git.kernel.org/stable/c/d0d520c19e7ea19ed38dc5797b12397b6ccf9f88 https://git.kernel.org/stable/c/dab4677bdbffa5c8270e79e34e51c89efa0728a0 https://git.kernel.org/stable/c/d5ef190693a7d76c5c192d108e8dec48307b46ee •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47401 – ipack: ipoctal: fix stack information leak
https://notcve.org/view.php?id=CVE-2021-47401
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space (or triggering an oops). Drivers should not try to encode topology information in the tty device name but this one snuck in through staging without anyone noticing and another driver has since copied this malpractice. Fixing the ABI is a separate issue, but this at least plugs the security hole. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipack: ipoctal: corrige la fuga de información de la pila. • https://git.kernel.org/stable/c/ba4dc61fe8c545a5d6a68b63616776556b771f51 https://git.kernel.org/stable/c/acb96e782bad427ca4bb1bd94af660acd1462380 https://git.kernel.org/stable/c/741ea2670e021350e54f491106bdaa22dc50e6a0 https://git.kernel.org/stable/c/2725925982dc96a78069cd118ea3d66759bfdad7 https://git.kernel.org/stable/c/829f13d6079cf7a2465522f39acb43033e9b320d https://git.kernel.org/stable/c/8657158a3b68c85234e6da3d8eae33d6183588b7 https://git.kernel.org/stable/c/5f6a309a699675680df15d9b6d389114515b4426 https://git.kernel.org/stable/c/0a9c36a2e06a249acbed64e8e0b84637c •
CVSS: 4.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47400 – net: hns3: do not allow call hns3_nic_net_open repeatedly
https://notcve.org/view.php?id=CVE-2021-47400
In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3_nic_net_open repeatedly hns3_nic_net_open() is not allowed to called repeatly, but there is no checking for this. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: hns3: no permitir llamadas repetidas a hns3_nic_net_open. • https://git.kernel.org/stable/c/e888402789b9db5de4fcda361331d66dbf0cd9fd https://git.kernel.org/stable/c/5a31d4e73ada8022427b69b10fd1f01a6a8d4b3d https://git.kernel.org/stable/c/f8ba689cb69523144d10606096ef686002dd7285 https://git.kernel.org/stable/c/3dac38bdce7932901b9f0b71c62331852c809e61 https://git.kernel.org/stable/c/5b09e88e1bf7fe86540fab4b5f3eece8abead39e https://access.redhat.com/security/cve/CVE-2021-47400 https://bugzilla.redhat.com/show_bug.cgi?id=2282336 • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47399 – ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
https://notcve.org/view.php?id=CVE-2021-47399
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup The ixgbe driver currently generates a NULL pointer dereference with some machine (online cpus < 63). ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ixgbe: corrige la desreferencia del puntero NULL en ixgbe_xdp_setup. • https://git.kernel.org/stable/c/4a9b32f30f805ca596d76605903a48eab58e0b88 https://git.kernel.org/stable/c/20f6c4a31a525edd9ea6243712b868ba0e4e331e https://git.kernel.org/stable/c/2744341dd52e935344ca1b4bf189ba0d182a3e8e https://git.kernel.org/stable/c/513e605d7a9ce136886cb42ebb2c40e9a6eb6333 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47398 – RDMA/hfi1: Fix kernel pointer leak
https://notcve.org/view.php?id=CVE-2021-47398
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long long' and printed with %llx. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: RDMA/hfi1: corrige la fuga del puntero del kernel. • https://git.kernel.org/stable/c/042a00f93aad5874937e00f36e68301f7e3a0af1 https://git.kernel.org/stable/c/714bfabe5f2901d96902e271d7217601fe4703e5 https://git.kernel.org/stable/c/7d5cfafe8b4006a75b55c2f1fdfdb363f9a5cc98 •