CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47361 – mcb: fix error handling in mcb_alloc_bus()
https://notcve.org/view.php?id=CVE-2021-47361
In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: 1) If ida_simple_get() fails then this code calls put_device(carrier) but we haven't yet called get_device(carrier) and probably that leads to a use after free. 2) After device_initialize() then we need to use put_device() to release the bus. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mcb: corrige el manejo de errores en mcb_alloc_bus() Hay dos errores: 1) Si ida_simple_get() falla, entonces este código llama a put_device(carrier) pero aún no hemos llamado a get_device( transportista) y probablemente eso conduzca a un uso posterior gratuito. 2) Después de device_initialize() entonces necesitamos usar put_device() para liberar el bus. • https://git.kernel.org/stable/c/5d9e2ab9fea4cdf0a2522f5cbed2e7fbb220d757 https://git.kernel.org/stable/c/8a558261fa57a6deefb0925ab1829f698b194aea https://git.kernel.org/stable/c/115b07d9f47e3996430b8f2007edd9768e1f807f https://git.kernel.org/stable/c/66f74ba9be9daf9c47fface6af3677f602774f6b https://git.kernel.org/stable/c/7751f609eadf36b1f53712bae430019c53a16eb0 https://git.kernel.org/stable/c/91e4ad05bf18322b5921d1a6c9b603f6eb1694f0 https://git.kernel.org/stable/c/9fc198f415dee070a1de957bb5bf5921d8df3499 https://git.kernel.org/stable/c/25a1433216489de4abc889910f744e952 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47360 – binder: make sure fd closes complete
https://notcve.org/view.php?id=CVE-2021-47360
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object cleanup may close 1 or more fds. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: carpeta: asegúrese de que fd se cierre por completo Durante el procesamiento BC_FREE_BUFFER, la limpieza del objeto BINDER_TYPE_FDA puede cerrar 1 o más fds. • https://git.kernel.org/stable/c/80cd795630d6526ba729a089a435bf74a57af927 https://git.kernel.org/stable/c/27564d8d5d12d2ff197055346069c6bdbe08a8c2 https://git.kernel.org/stable/c/aa2c274c279ff365a06a4cba263f04965895166e https://git.kernel.org/stable/c/d5b0473707fa53b03a5db0256ce62b2874bddbc7 https://git.kernel.org/stable/c/b95483d8d94b41fa31a84c1d86710b7907a37621 https://git.kernel.org/stable/c/5fdb55c1ac9585eb23bb2541d5819224429e103d •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47359 – cifs: Fix soft lockup during fsstress
https://notcve.org/view.php?id=CVE-2021-47359
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. [ 130.698396] watchdog: BUG: soft lockup - CPU#6 stuck for 26s! En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cifs: corrige el bloqueo suave durante fsstress. • https://git.kernel.org/stable/c/9f6c7aff21f81ae8856da1f63847d1362d523409 https://git.kernel.org/stable/c/71826b068884050d5fdd37fda857ba1539c513d3 •
CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2020-36788 – drm/nouveau: avoid a use-after-free when BO init fails
https://notcve.org/view.php?id=CVE-2020-36788
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: avoid a use-after-free when BO init fails nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau: evita un use after free cuando falla BO init nouveau_bo_init() está respaldado por ttm_bo_init() y envía su código de retorno de regreso a la persona que llama. • https://git.kernel.org/stable/c/019cbd4a4feb3aa3a917d78e7110e3011bbff6d5 https://git.kernel.org/stable/c/f86e19d918a85492ad1a01fcdc0ad5ecbdac6f96 https://git.kernel.org/stable/c/548f2ff8ea5e0ce767ae3418d1ec5308990be87d https://git.kernel.org/stable/c/bcf34aa5082ee2343574bc3f4d1c126030913e54 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47358 – staging: greybus: uart: fix tty use after free
https://notcve.org/view.php?id=CVE-2021-47358
In the Linux kernel, the following vulnerability has been resolved: staging: greybus: uart: fix tty use after free User space can hold a tty open indefinitely and tty drivers must not release the underlying structures until the last user is gone. Switch to using the tty-port reference counter to manage the life time of the greybus tty state to avoid use after free after a disconnect. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: staging: greybus: uart: corrige el use after free de tty. • https://git.kernel.org/stable/c/a18e15175708d39abbe9746ddc3479466b7800c3 https://git.kernel.org/stable/c/92b67aaafb7c449db9f0c3dcabc0ff967cb3a42d https://git.kernel.org/stable/c/64062fcaca8872f063ec9da011e7bf30470be33f https://git.kernel.org/stable/c/a5cfd51f6348e8fd7531461366946039c29c7e69 https://git.kernel.org/stable/c/4dc56951a8d9d61d364d346c61a5f1d70b4f5e14 https://git.kernel.org/stable/c/b9e697e60ce9890e9258a73eb061288e7d68e5e6 https://git.kernel.org/stable/c/9872ff6fdce8b229f01993b611b5d1719cb70ff1 https://git.kernel.org/stable/c/92dc0b1f46e12cfabd28d709bb34f7a39 •