CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47549 – sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
https://notcve.org/view.php?id=CVE-2021-47549
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl When the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux, a bug is reported: ================================================================== BUG: Unable to handle kernel data access on read at 0x80000800805b502c Oops: Kernel access of bad area, sig: 11 [#1] NIP [c0000000000388a4] .ioread32+0x4/0x20 LR [80000000000c6034] .sata_fsl_port_stop+0x44/0xe0 ... • https://git.kernel.org/stable/c/faf0b2e5afe7dae072d2715763c7f992b612b628 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47548 – ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
https://notcve.org/view.php?id=CVE-2021-47548
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; limits the value of port less than DSAF_GE_NUM (i.e., 8). In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() The if statement: if (port >= DSAF_GE_NUM) return; ... • https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b • CWE-129: Improper Validation of Array Index •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47547 – net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
https://notcve.org/view.php?id=CVE-2021-47547
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. ... En e... • https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47546 – ipv6: fix memory leak in fib6_rule_suppress
https://notcve.org/view.php?id=CVE-2021-47546
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a `fib` rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as wg-quick). ... • https://git.kernel.org/stable/c/ca7a03c4175366a92cee0ccc4fec0038c3266e26 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47544 – tcp: fix page frag corruption on page fault
https://notcve.org/view.php?id=CVE-2021-47544
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served by the apache web-server using a cifs mount-point and memory mapping the relevant file. ... Do not define an additional mm-helper for that, as this is strictly tied to the sk page frag usage. v1 -> v2: - use a stricted sk_page_frag() check instead of reordering the code (Eric) En el kernel de Linux, se resolvió la sigu... • https://git.kernel.org/stable/c/5640f7685831e088fe6c2e1f863a6805962f8e81 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47542 – net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()
https://notcve.org/view.php?id=CVE-2021-47542
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() In qlcnic_83xx_add_rings(), the indirect function of ahw->hw_ops->alloc_mbx_args will be called to allocate memory for cmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(), which could lead to a NULL pointer dereference on failure of the indirect function like qlcnic_83xx_alloc_mbx_args(). In the Linux kernel, the following vulne... • https://git.kernel.org/stable/c/7f9664525f9cb507de9198a395a111371413f230 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47541 – net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
https://notcve.org/view.php?id=CVE-2021-47541
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() In mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and tmp->tx_cq will be freed on the error path of mlx4_en_copy_priv(). In the Linux kernel, the following vulnerability has been resolved: net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() In mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and tmp->tx_cq will... • https://git.kernel.org/stable/c/ec25bc04ed8e12947738468cbe2191f1529f9e39 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47540 – mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode
https://notcve.org/view.php?id=CVE-2021-47540
24 May 2024 — [ 101.137097] wlan0: Trigger new scan to find an IBSS to join [ 102.827039] wlan0: Creating new IBSS network, BSSID 26:a4:50:1a:6e:69 [ 103.064756] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 103.073670] Mem abort info: [ 103.076520] ESR = 0x96000005 [ 103.079614] EC = 0x25: DABT (current EL), IL = 32 bits [ 103.084934] SET = 0, FnV = 0 [ 103.088042] EA = 0, S1PTW = 0 [ 103.091215] Data abort info: [ 103.094104] ISV = 0, ISS = 0x00000005 [ 103.098041] CM = 0, WnR =... • https://git.kernel.org/stable/c/e57b7901469fc0b021930b83a8094baaf3d81b09 • CWE-476: NULL Pointer Dereference •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47539 – rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
https://notcve.org/view.php?id=CVE-2021-47539
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() Need to call rxrpc_put_peer() for bundle candidate before kfree() as it holds a ref to rxrpc_peer. [DH: v2: Changed to abstract out the bundle freeing code into a function] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: rxrpc: corrige la fuga de rxrpc_peer en rxrpc_look_up_bundle() Es necesario llamar a rxrpc_put_peer() para el paquete candidato antes de kfr... • https://git.kernel.org/stable/c/245500d853e9f20036cec7df4f6984ece4c6bf26 •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47538 – rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
https://notcve.org/view.php?id=CVE-2021-47538
24 May 2024 — In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() Need to call rxrpc_put_local() for peer candidate before kfree() as it holds a ref to rxrpc_local. [DH: v2: Changed to abstract the peer freeing code out into a function] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: rxrpc: corrigió la fuga de rxrpc_local en rxrpc_lookup_peer() Es necesario llamar a rxrpc_put_local() para el candidato par antes de kfree(), ya... • https://git.kernel.org/stable/c/e8e51ce79c157188e209e5ea0afaf6b42dd76104 •