CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47394 – netfilter: nf_tables: unlink table before deleting it
https://notcve.org/view.php?id=CVE-2021-47394
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unlink table before deleting it syzbot reports following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955 nla_strcmp+0xf2/0x130 lib/nlattr.c:836 nft_table_lookup.part.0+0x1a2/0x460 net/netfilter/nf_tables_api.c:570 nft_table_lookup net/netfilter/nf_tables_api.c:4064 [inline] nf_tables_getset+0x1b3/0x860 net/netfilter/nf_tables_api.c:4064 nfnetlink_rcv_msg+0x659/0x13f0 net/netfilter/nfnetlin... • https://git.kernel.org/stable/c/6001a930ce0378b62210d4f83583fc88a903d89d •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47393 – hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
https://notcve.org/view.php?id=CVE-2021-47393
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: hwmon: (mlxreg-fan)... • https://git.kernel.org/stable/c/65afb4c8e7e4e7e74b28efa1df62da503ca3e7a6 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47392 – RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
https://notcve.org/view.php?id=CVE-2021-47392
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure If cma_listen_on_all() fails it leaves the per-device ID still on the listen_list but the state is not set to RDMA_CM_ADDR_BOUND. In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure If cma_listen_on_all() fails it leaves the per-device ID still on the listen_list but the state is not s... • https://git.kernel.org/stable/c/70ba8b1697e35c04ea5f22edb6e401aeb1208d96 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47391 – RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
https://notcve.org/view.php?id=CVE-2021-47391
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests The FSM can run in a circle allowing rdma_resolve_ip() to be called twice on the same id_priv. In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests The FSM can run in a circle allowing rdma_resolve_ip() to be called twice on the same id_priv. ... En el kernel de Lin... • https://git.kernel.org/stable/c/e51060f08a61965c4dd91516d82fe90617152590 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47390 – KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect()
https://notcve.org/view.php?id=CVE-2021-47390
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm] Read of size 8 at addr ffffc9001364f638 by task qemu-kvm/4798 CPU: 0 PID: 4798 Comm: qemu-kvm Tainted: G X --------- --- Hardware name: AMD Corporation DAYTONA_X/DAYTONA_X, BIOS RYM0081C 07/13/2020 Call Trace: dump_stack+0xa5/0xe6 print_address... • https://git.kernel.org/stable/c/7ee30bc132c683d06a6d9e360e39e483e3990708 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47389 – KVM: SVM: fix missing sev_decommission in sev_receive_start
https://notcve.org/view.php?id=CVE-2021-47389
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad... • https://git.kernel.org/stable/c/af43cbbf954b50ca97d5e7bb56c2edc6ffd209ef • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47388 – mac80211: fix use-after-free in CCMP/GCMP RX
https://notcve.org/view.php?id=CVE-2021-47388
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to the RX struct so we can later use it to do a comparison, since commit bf30ca922a0c ("mac80211: check defrag PN against current frame"). In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentatio... • https://git.kernel.org/stable/c/608b0a2ae928a74a2f89e02227339dd79cdb63cf •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47387 – cpufreq: schedutil: Use kobject release() method to free sugov_tunables
https://notcve.org/view.php?id=CVE-2021-47387
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't free it directly. In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't free it directly. ... En el kernel de Linux, se ha resuelto... • https://git.kernel.org/stable/c/9bdcb44e391da5c41b98573bf0305a0e0b1c9569 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47386 – hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field
https://notcve.org/view.php?id=CVE-2021-47386
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!... Found by Linux Driver Verification project (linuxtesting.org). Found by Linux Driver Verification project (linuxtesting.org). ... Encontrado por el proyecto de verificación de controladores de Linux (linuxtesting.org). ... • https://git.kernel.org/stable/c/358d2071100d84cfe6ef4a9d70ac0d998a1d501e • CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47385 – hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field
https://notcve.org/view.php?id=CVE-2021-47385
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field If driver read val value sufficient for (val & 0x08) && (!... Found by Linux Driver Verification project (linuxtesting.org). Found by Linux Driver Verification project (linuxtesting.org). ... Encontrado por el proyecto de verificación de controladores de Linux (linuxtesting.org). ... • https://git.kernel.org/stable/c/f64211151db4269341ee6432ce832ae3756725ad • CWE-476: NULL Pointer Dereference •