CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47229 – PCI: aardvark: Fix kernel panic during PIO transfer
https://notcve.org/view.php?id=CVE-2021-47229
21 May 2024 — id=3c7dcdac5c50 https://lore.kernel.org/linux-pci/20190316161243.29517-1-repk@triplefau.lt/ https://lore.kernel.org/linux-pci/971be151d24312cc533989a64bd454b4@www.loen.fr/ https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/1541 But the real cause was the fact that during link retraining or after link down event the PIO transfer may take longer time, up to the 1.44s until it times out. id=3c7dcdac5c50 https://lore.kernel.org/linux-pci/20190316161243.29517-1-repk@triplefau.lt/... • https://git.kernel.org/stable/c/400e6b1860c8be61388d0b77814c53260f96e17a •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47228 – x86/ioremap: Map EFI-reserved memory as encrypted for SEV
https://notcve.org/view.php?id=CVE-2021-47228
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. ... Under SEV, memory marked with the EFI_MEMORY_RUNTIME attribute needs to be mapped encrypted by Linux, otherwise the kernel might crash at boot like below: EFI Variables Facility v0.08 2004-May-17 general protection fault, probably for non-canonical address 0x3597688770a868b2: 0000 [#1] SMP NOPTI C... • https://git.kernel.org/stable/c/58c909022a5a56cd1d9e89c8c5461fd1f6a27bb5 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47227 – x86/fpu: Prevent state corruption in __fpu__restore_sig()
https://notcve.org/view.php?id=CVE-2021-47227
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in __fpu__restore_sig() The non-compacted slowpath uses __copy_from_user() and copies the entire user buffer into the kernel buffer, verbatim. ... Using it for the non-compacted form is slower because of multiple __copy_from_user() operations, but that cost is less important than robust code in an already slow path. [ Changelog polished by Dave Hansen ] En el kernel de Linux, se resolvió la si... • https://git.kernel.org/stable/c/b860eb8dce5906b14e3a7f3c771e0b3d6ef61b94 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47226 – x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
https://notcve.org/view.php?id=CVE-2021-47226
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with #PF but nonetheless change the register state. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with #PF but... • https://git.kernel.org/stable/c/1d731e731c4cd7cbd3b1aa295f0932e7610da82f •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47225 – mac80211: fix deadlock in AP/VLAN handling
https://notcve.org/view.php?id=CVE-2021-47225
21 May 2024 — To fix this, we need to do two things: 1) prevent changing iftype while AP_VLANs are up, we can't easily fix this case since cfg80211 already calls us with the wiphy mutex held, but change_interface() is relatively rare in drivers anyway, so changing iftype isn't used much (and userspace has to fall back to down/change/up anyway) 2) pull the dev_close() loop over VLANs out of the wiphy mutex section in the normal stop case En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mac80211: c... • https://git.kernel.org/stable/c/a05829a7222e9d10c416dd2dbbf3929fe6646b89 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47224 – net: ll_temac: Make sure to free skb when it is completely used
https://notcve.org/view.php?id=CVE-2021-47224
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free ... • https://git.kernel.org/stable/c/6d120ab4dc39a543c6b63361e1d0541c382900a3 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47223 – net: bridge: fix vlan tunnel dst null pointer dereference
https://notcve.org/view.php?id=CVE-2021-47223
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst null pointer dereference This patch fixes a tunnel_dst null pointer dereference due to lockless access in the tunnel egress path. In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst null pointer dereference This patch fixes a tunnel_dst null pointer dereference due to lockless access in the tunnel egress path. ... En el kernel de Linux, se... • https://git.kernel.org/stable/c/11538d039ac6efcf4f1a6c536e1b87cd3668a9fd •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47222 – net: bridge: fix vlan tunnel dst refcnt when egressing
https://notcve.org/view.php?id=CVE-2021-47222
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix vlan tunnel dst refcnt when egressing The egress tunnel code uses dst_clone() and directly sets the result which is wrong because the entry might have 0 refcnt or be already deleted, causing number of problems. ... kthread_mod_delayed_work+0xb6/0xb6 ret_from_fork+0x22/0x30 ---[ end trace 49f61b07f775fd2b ]--- dst_release: dst:00000000c02d677a refcnt:-1 dst_release underflow En el kernel de Linux, se ha resuelt... • https://git.kernel.org/stable/c/11538d039ac6efcf4f1a6c536e1b87cd3668a9fd •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47221 – mm/slub: actually fix freelist pointer vs redzoning
https://notcve.org/view.php?id=CVE-2021-47221
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mm/slub: actually fix freelist pointer vs redzoning It turns out that SLUB redzoning ("slub_debug=Z") checks from s->object_size rather than from s->inuse (which is normally bumped to make room for the freelist pointer), so a cache created with an object size less than 24 would have the freelist pointer written beyond s->object_size, causing the redzone to be corrupted by the freelist pointer. In the Linux kernel, the followin... • https://git.kernel.org/stable/c/89b83f282d8ba380cf2124f88106c57df49c538c • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-36009 – ax25: Fix netdev refcount issue
https://notcve.org/view.php?id=CVE-2024-36009
20 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue The dev_tracker is added to ax25_cb in ax25_bind(). ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ax25: soluciona el problema de recuento de netdev. ... • https://git.kernel.org/stable/c/feef318c855a361a1eccd880f33e88c460eb63b4 •