CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47280 – drm: Fix use-after-free read in drm_getunique()
https://notcve.org/view.php?id=CVE-2021-47280
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the device's master mutex. An example can be seen in the crash report of the use-after-free error found by Syzbot: https://syzkaller.appspot.com/bug?... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm: corrige la lectura de use after free en drm_getunique(). • https://git.kernel.org/stable/c/17dab9326ff263c62dab1dbac4492e2938a049e4 https://git.kernel.org/stable/c/7d233ba700ceb593905ea82b42dadb4ec8ef85e9 https://git.kernel.org/stable/c/b246b4c70c1250e7814f409b243000f9c0bf79a3 https://git.kernel.org/stable/c/491d52e0078860b33b6c14f0a7ac74ca1b603bd6 https://git.kernel.org/stable/c/f773f8cccac13c7e7bbd9182e7996c727742488e https://git.kernel.org/stable/c/b436acd1cf7fac0ba987abd22955d98025c80c2b •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47279 – usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource()
https://notcve.org/view.php?id=CVE-2021-47279
In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: misc: brcmstb-usb-pinmap: verifique el valor de retorno después de llamar a platform_get_resource() Causará un null-ptr-deref si platform_get_resource() devuelve NULL, necesitamos verificar el retorno valor. • https://git.kernel.org/stable/c/517c4c44b32372d2fdf4421822e21083c45e89f9 https://git.kernel.org/stable/c/2147684be1ebdaf845783139b9bc4eba3fecd9e4 https://git.kernel.org/stable/c/fbf649cd6d64d40c03c5397ecd6b1ae922ba7afc •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47278 – bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove()
https://notcve.org/view.php?id=CVE-2021-47278
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove() This driver's remove path calls del_timer(). ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: pci_generic: corrige posible use after free en mhi_pci_remove(). • https://git.kernel.org/stable/c/8562d4fe34a3ef52da077f77985994bb9ad1f83e https://git.kernel.org/stable/c/c597d5c59c7a6417dba06590f59b922e01188e8d https://git.kernel.org/stable/c/0b67808ade8893a1b3608ddd74fac7854786c919 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47277 – kvm: avoid speculation-based attacks from out-of-range memslot accesses
https://notcve.org/view.php?id=CVE-2021-47277
In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address (gpa) to a host virtual address using the right-shifted gpa (also known as gfn) and a struct kvm_memory_slot. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: kvm: evite ataques basados en especulacion desde accesos a memslot fuera de rango. • https://git.kernel.org/stable/c/3098b86390a6b9ea52657689f08410baf130ceff https://git.kernel.org/stable/c/740621309b25bbf619b8a0ba5fd50a8e58989441 https://git.kernel.org/stable/c/361ce3b917aff93123e9e966d8608655c967f438 https://git.kernel.org/stable/c/22b87fb17a28d37331bb9c1110737627b17f6781 https://git.kernel.org/stable/c/bff1fbf0cf0712686f1df59a83fba6e31d2746a0 https://git.kernel.org/stable/c/7af299b97734c7e7f465b42a2139ce4d77246975 https://git.kernel.org/stable/c/ed0e2a893092c7fcb4ff7ba74e5efce53a6f5940 https://git.kernel.org/stable/c/da27a83fd6cc7780fea190e1f5c19e870 •
CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47276 – ftrace: Do not blindly read the ip address in ftrace_bug()
https://notcve.org/view.php?id=CVE-2021-47276
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not -EFAULT, as the bug caused more than one error to occur. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ftrace: no lea ciegamente la dirección IP en ftrace_bug(). • https://git.kernel.org/stable/c/05736a427f7e16be948ccbf39782bd3a6ae16b14 https://git.kernel.org/stable/c/0bc62e398bbd9e600959e610def5109957437b28 https://git.kernel.org/stable/c/4aedc2bc2b32c93555f47c95610efb89cc1ec09b https://git.kernel.org/stable/c/acf671ba79c1feccc3ec7cfdcffead4efcec49e7 https://git.kernel.org/stable/c/862dcc14f2803c556bdd73b43c27b023fafce2fb https://git.kernel.org/stable/c/7e4e824b109f1d41ccf223fbb0565d877d6223a2 https://git.kernel.org/stable/c/97524384762c1fb9b3ded931498dd2047bd0de81 https://git.kernel.org/stable/c/3e4ddeb68751fb4fb657199aed9cfd5d0 •