CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47282 – spi: bcm2835: Fix out-of-bounds access with more than 4 slaves
https://notcve.org/view.php?id=CVE-2021-47282
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 ("spi: bcm2835: Cache CS register value for ->prepare_message()") limited the number of slaves to 3 at compile-time. In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 ("spi: bcm2835: Cache CS register value for ->prepare_message()") limited the n... • https://git.kernel.org/stable/c/571e31fa60b3697d5db26140e16d5c45c51c9815 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47281 – ALSA: seq: Fix race of snd_seq_timer_open()
https://notcve.org/view.php?id=CVE-2021-47281
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of snd_seq_timer_open() The timer instance per queue is exclusive, and snd_seq_timer_open() should have managed the concurrent accesses. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of snd_seq_timer_open() The timer instance per queue is exclusive, and snd_seq_timer_open() should have managed the concurrent accesses. ... En el kernel de Linux se ha resuelto ... • https://git.kernel.org/stable/c/bd7d88b0874f82f7b29d1a53e574cedaf23166ba •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-47280 – drm: Fix use-after-free read in drm_getunique()
https://notcve.org/view.php?id=CVE-2021-47280
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the device's master mutex. In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the... • https://git.kernel.org/stable/c/17dab9326ff263c62dab1dbac4492e2938a049e4 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47279 – usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource()
https://notcve.org/view.php?id=CVE-2021-47279
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check ... • https://git.kernel.org/stable/c/517c4c44b32372d2fdf4421822e21083c45e89f9 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47278 – bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove()
https://notcve.org/view.php?id=CVE-2021-47278
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove() This driver's remove path calls del_timer(). In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove() This driver's remove path calls del_timer(). ... En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bus: mhi: pci_generic: corrige posible use after fre... • https://git.kernel.org/stable/c/8562d4fe34a3ef52da077f77985994bb9ad1f83e •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47277 – kvm: avoid speculation-based attacks from out-of-range memslot accesses
https://notcve.org/view.php?id=CVE-2021-47277
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address (gpa) to a host virtual address using the right-shifted gpa (also known as gfn) and a struct kvm_memory_slot. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing... • https://git.kernel.org/stable/c/3098b86390a6b9ea52657689f08410baf130ceff •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47276 – ftrace: Do not blindly read the ip address in ftrace_bug()
https://notcve.org/view.php?id=CVE-2021-47276
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not -EFAULT, as the bug caused more than one error to occur. In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported t... • https://git.kernel.org/stable/c/05736a427f7e16be948ccbf39782bd3a6ae16b14 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-47275 – bcache: avoid oversized read request in cache missing code path
https://notcve.org/view.php?id=CVE-2021-47275
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cached_dev_cache_miss() will be called in cache_lookup_fn() in the following code block, [code block 1] 526 unsigned int sectors = KEY_INODE(k) == s->iop.inode 527 ? ... Another ke ---truncated--- En el kernel de Linux, se ha ... • https://git.kernel.org/stable/c/cafe563591446cf80bfbc2fe3bc72a2e36cf1060 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-47274 – tracing: Correct the length check which causes memory corruption
https://notcve.org/view.php?id=CVE-2021-47274
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We've suffered from severe kernel crashes due to memory corruption on our production environment, like, Call Trace: [1640542.554277] general protection fault: 0000 [#1] SMP PTI [1640542.554856] CPU: 17 PID: 26996 Comm: python Kdump: loaded Tainted:G [1640542.556629] RIP: 0010:kmem_cache_alloc+0x90/0x190 [1640542.559074] RSP: 0018:ffffb16faa597df8 EFLAGS: 00010286 [16405... • https://git.kernel.org/stable/c/2e584b1a02eeb860e286d39bc408b25ebc5ec844 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47273 – usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled
https://notcve.org/view.php?id=CVE-2021-47273
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled When only PHY1 is used (for example on Odroid-HC4), the regmap init code uses the usb2 ports when doesn't initialize the PHY1 regmap entry. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled When only PHY1 is used (for example on Odroid-HC4), the regmap init code uses the usb2 p... • https://git.kernel.org/stable/c/013af227f58a97ffc61b99301f8f4448dc7e7f55 •