CVSS: -EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47245 – netfilter: synproxy: Fix out of bounds when parsing TCP options
https://notcve.org/view.php?id=CVE-2021-47245
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy (synproxy_parse_options) could read one byte out of bounds. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: synproxy: corrección de límites al analizar opciones TCP. • https://git.kernel.org/stable/c/48b1de4c110a7afa4b85862f6c75af817db26fad https://git.kernel.org/stable/c/e1eb98cfeafdd85537e7e3cefe93ca9bfbcc3ea8 https://git.kernel.org/stable/c/576c1526b4d83c44ad7b673cb841f36cbc6cb6c4 https://git.kernel.org/stable/c/674b5f0c6a4fc5d3abce877048290cea6091fcb1 https://git.kernel.org/stable/c/7d9a9a1a88a3da574e019b4de756bc73337b3b0b https://git.kernel.org/stable/c/6defc77d48eff74075b80ad5925061b2fc010d98 https://git.kernel.org/stable/c/9cdf299ba4e153b5e56187648420de22c6216f02 https://git.kernel.org/stable/c/f648089337cb8ed40b2bb96e244f72b9d •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47244 – mptcp: Fix out of bounds when parsing TCP options
https://notcve.org/view.php?id=CVE-2021-47244
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp (mptcp_get_options) could read one byte out of bounds. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mptcp: corrección de límites al analizar opciones TCP. • https://git.kernel.org/stable/c/cec37a6e41aae7bf3df9a3da783380a4d9325fd8 https://git.kernel.org/stable/c/73eeba71dc9932970befa009e68272a3d5ec4a58 https://git.kernel.org/stable/c/76e02b8905d0691e89e104a882f3bba7dd0f6037 https://git.kernel.org/stable/c/07718be265680dcf496347d475ce1a5442f55ad7 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47243 – sch_cake: Fix out of bounds when parsing TCP options and header
https://notcve.org/view.php?id=CVE-2021-47243
In the Linux kernel, the following vulnerability has been resolved: sch_cake: Fix out of bounds when parsing TCP options and header The TCP option parser in cake qdisc (cake_get_tcpopt and cake_tcph_may_drop) could read one byte out of bounds. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: sch_cake: Corrección de límites al analizar las opciones TCP y el encabezado. • https://git.kernel.org/stable/c/8b7138814f29933898ecd31dfc83e35a30ee69f5 https://git.kernel.org/stable/c/595897ef118d6fe66690c4fc5b572028c9da95b7 https://git.kernel.org/stable/c/4cefa061fc63f4d2dff5ab4083f43857cd7a2335 https://git.kernel.org/stable/c/3b491dd593d582ceeb27aa617600712a6bd14246 https://git.kernel.org/stable/c/3371392c60e2685af30bd4547badd880f5df2b3f https://git.kernel.org/stable/c/ba91c49dedbde758ba0b72f57ac90b06ddf8e548 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47242 – mptcp: fix soft lookup in subflow_error_report()
https://notcve.org/view.php?id=CVE-2021-47242
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflow_error_report() Maxim reported a soft lookup in subflow_error_report(): watchdog: BUG: soft lockup - CPU#0 stuck for 22s! ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mptcp: corrige una búsqueda suave en subflow_error_report(). • https://git.kernel.org/stable/c/15cc10453398c22f78f6c2b897119ecce5e5dd89 https://git.kernel.org/stable/c/c8ad65cb5051498b8a58be40499db9e930f0092e https://git.kernel.org/stable/c/27ef25c72373222aaa5fe7b5cd890ae9cfb89a8d https://git.kernel.org/stable/c/499ada5073361c631f2a3c4a8aed44d53b6f82ec • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47241 – ethtool: strset: fix message length calculation
https://notcve.org/view.php?id=CVE-2021-47241
In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message length calculation Outer nest for ETHTOOL_A_STRSET_STRINGSETS is not accounted for. This may result in ETHTOOL_MSG_STRSET_GET producing a warning like: calculated message payload length (684) not sufficient WARNING: CPU: 0 PID: 30967 at net/ethtool/netlink.c:369 ethnl_default_doit+0x87a/0xa20 and a splat. As usually with such warnings three conditions must be met for the warning to trigger: - there must be no skb size rounding up (e.g. reply_size of 684); - string set must be per-device (so that the header gets populated); - the device name must be at least 12 characters long. all in all with current user space it looks like reading priv flags is the only place this could potentially happen. Or with syzbot :) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ethtool: strset: corrección del cálculo de la longitud del mensaje. • https://git.kernel.org/stable/c/71921690f9745fef60a2bad425f30adf8cdc9da0 https://git.kernel.org/stable/c/fb3a948143688e14e2cfd2a2812877923d0e5e92 https://git.kernel.org/stable/c/cfc7f0e70d649e6d2233fba0d9390b525677d971 https://git.kernel.org/stable/c/e175aef902697826d344ce3a12189329848fe898 • CWE-266: Incorrect Privilege Assignment •