CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47144 – drm/amd/amdgpu: fix refcount leak
https://notcve.org/view.php?id=CVE-2021-47144
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fix refcount leak [Why] the gem object rfb->base.obj[0] is get according to num_planes in amdgpufb_create, but is not put according to num_planes [How] put rfb->base.obj[0] in amdgpu_fbdev_destroy according to num_planes En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/amdgpu: corrige la fuga de refcount [Por qué] el objeto gema rfb->base.obj[0] se obtiene según num_planes en amdgpufb_create, per... • https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47142 – drm/amdgpu: Fix a use-after-free
https://notcve.org/view.php?id=CVE-2021-47142
25 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI [ 1235.989074] Call Trace: [ 1235.991751] sg_free_table+0x17/0x20 [ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu] [ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu] [ 1236.008464] ttm_tt_des... • https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d •
CVSS: 3.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-52620 – netfilter: nf_tables: disallow timeout for anonymous sets
https://notcve.org/view.php?id=CVE-2023-52620
21 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: no permite el tiempo de espera para conjuntos anónimos Nunca se usa desde el espacio de usuario, no permita estos parámetros. A vulnerability was found in netfilter/nf_tables componets of Linux Kernel allows an userspace to set timeouts for anony... • https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52619 – pstore/ram: Fix crash when setting number of cpus to an odd number
https://notcve.org/view.php?id=CVE-2023-52619
18 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will become: addr of zone0 = BASE addr of zone1 = BASE + zone_size addr of zone2 = BASE + zone_size*2 ... The address of zone1/3/5/7 will be mapped to non-alignment va. Eventually crashes will occur when accessing these va. So, use ALIGN_DOWN()... • https://git.kernel.org/stable/c/8b69c30f4e8b69131d92096cb296dc1f217101e4 • CWE-99: Improper Control of Resource Identifiers ('Resource Injection') •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-52617 – PCI: switchtec: Fix stdev_release() crash after surprise hot remove
https://notcve.org/view.php?id=CVE-2023-52617
18 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fix stdev_release() crash after surprise hot remove A PCI device hot removal may occur while stdev->cdev is held open. The call to stdev_release() then happens during close or exit, at a point way past switchtec_pci_remove(). Otherwise the last ref would vanish with the trailing put_device(), just before return. At that later point in time, the devm cleanup has already removed the stdev->mmio_mrpc mapping. Also, the stdev->p... • https://git.kernel.org/stable/c/d8c293549946ee5078ed0ab77793cec365559355 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47117 – ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
https://notcve.org/view.php?id=CVE-2021-47117
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault: [130747.323114] kernel BUG at fs/ext4/extents_status.c:762! [130747.323117] Internal error: Oops - BUG: 0 [#1] SMP ...... [130747.334329] Call trace: [130747.334553] ext4_es_cache_extent+0x150/0x168 [ext4] [130747.334975] ext4_cache_extents+0x64/0xe8 [ext4] [130747.335368] ext4_find_extent+0x300/0x330 [ext4... • https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47116 – ext4: fix memory leak in ext4_mb_init_backend on error path.
https://notcve.org/view.php?id=CVE-2021-47116
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_mb_init_backend on error path. Fix a memory leak discovered by syzbot when a file system is corrupted with an illegally large s_log_groups_per_flex. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: ext4: corrige la pérdida de memoria en ext4_mb_init_backend en la ruta de error. Solucione una pérdida de memoria descubierta por syzbot cuando un sistema de archivos está dañado con un s_log_groups_pe... • https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47114 – ocfs2: fix data corruption by fallocate
https://notcve.org/view.php?id=CVE-2021-47114
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at that time isize is not yet updated to match the new size, if writeback is kicked in, it will invoke ocfs2_writepage()->block_write_full_page() where the pages out of inode size will be dropped. That will cause file c... • https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-47113 – btrfs: abort in rename_exchange if we fail to insert the second ref
https://notcve.org/view.php?id=CVE-2021-47113
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in rename_exchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange. This happens because we insert the inode ref for one side of the rename, and then for the other side. If this second inode ref insert fails we'll leave the first one dangling and leave a corrupt file system behind. Fix this by aborting if we did the insert... • https://git.kernel.org/stable/c/0df50d47d17401f9f140dfbe752a65e5d72f9932 •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47112 – x86/kvm: Teardown PV features on boot CPU as well
https://notcve.org/view.php?id=CVE-2021-47112
15 Mar 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features (Async PF, PV EOI, steal time) work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to make sure hypervisor doesn't write to stale locations after we jump to the previously hibernated kernel (which can try to place anything there). For secondary CPUs the job is already done by kvm_cpu_down_prepare(), ... • https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54 •