CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47293 – net/sched: act_skbmod: Skip non-Ethernet packets
https://notcve.org/view.php?id=CVE-2021-47293
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. ... En el kernel de Linux, se h... • https://git.kernel.org/stable/c/86da71b57383d40993cb90baafb3735cffe5d800 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47292 – io_uring: fix memleak in io_init_wq_offload()
https://notcve.org/view.php?id=CVE-2021-47292
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload() I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 (size 96): comm "syz-executor.6", pid 4610, jiffies 4295140240 (age 20.135s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload(... • https://git.kernel.org/stable/c/e941894eae31b52f0fd9bdb3ce20620afa152f45 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47291 – ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
https://notcve.org/view.php?id=CVE-2021-47291
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 ("ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions"). In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While ru... • https://git.kernel.org/stable/c/f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47290 – scsi: target: Fix NULL dereference on XCOPY completion
https://notcve.org/view.php?id=CVE-2021-47290
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 ("scsi: target: core: Make completion affinity configurable") makes target_complete_cmd() queue work on a CPU based on se_tpg->se_tpg_wwn->cmd_compl_affinity state. In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with com... • https://git.kernel.org/stable/c/39ae3edda325e9cf9e978c9788affe88231f3b34 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47289 – ACPI: fix NULL pointer dereference
https://notcve.org/view.php?id=CVE-2021-47289
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer th... • https://git.kernel.org/stable/c/38f54217b423c0101d03a00feec6fb8ec608b12e • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47288 – media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
https://notcve.org/view.php?id=CVE-2021-47288
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() Fix an 11-year old bug in ngene_command_config_free_buf() while addressing the following warnings caught with -Warray-bounds: arch/alpha/include/asm/string.h:22:16: warning: '__builtin_memcpy' offset [12, 16] from the object at 'com' is out of the bounds of referenced subobject 'config' with type 'unsigned char' at offset 10 [-Warray-bounds] arch/x86/include/asm/s... • https://git.kernel.org/stable/c/dae52d009fc950b5c209260d50fcc000f5becd3c •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47287 – driver core: auxiliary bus: Fix memory leak when driver_register() fail
https://notcve.org/view.php?id=CVE-2021-47287
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from __auxiliary_driver_register() En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: núcleo del controlador: bus auxiliar: corrige la pérdida de memoria cuando falla driver_register(). Si driver_register() regresa con error... • https://git.kernel.org/stable/c/7de3697e9cbd4bd3d62bafa249d57990e1b8f294 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47286 – bus: mhi: core: Validate channel ID when processing command completions
https://notcve.org/view.php?id=CVE-2021-47286
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0... • https://git.kernel.org/stable/c/1d3173a3bae7039b765a0956e3e4bf846dbaacb8 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47284 – isdn: mISDN: netjet: Fix crash in nj_probe:
https://notcve.org/view.php?id=CVE-2021-47284
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized and is bigger than zero. ... free_irq+0x100/0x480 [ 3.362175 ] report_bug+0x119/0x1c0 [ 3.362175 ] handle_bug+0x3b/0x80 [ 3.362175 ] exc_invalid_op+0x18/0x70 [ 3.362175 ] asm_exc_invalid_op+0x12/0x20 [ 3.362175 ] RIP: 0010:free_irq+0x100 ---truncated--- En el kernel de Linux, se ha resuelto la sig... • https://git.kernel.org/stable/c/958cb1078ca60d214826fd90a0961a447fade59a • CWE-400: Uncontrolled Resource Consumption CWE-590: Free of Memory not on the Heap •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47283 – net:sfc: fix non-freed irq in legacy irq mode
https://notcve.org/view.php?id=CVE-2021-47283
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI or legacy IRQ interrupts. In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI or legacy IRQ interrupts. ... En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net:sfc: ... • https://git.kernel.org/stable/c/8d717c9135a3340ae62d1699484850bfb4112b0c •