CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47334 – misc/libmasm/module: Fix two use after free in ibmasm_init_one
https://notcve.org/view.php?id=CVE-2021-47334
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device(), and assigned to sp->remote.mouse_dev and sp->remote.keybd_dev respectively. In the err_free_devices error branch of ibmasm_init_one, mouse_dev and keybd_dev are freed by input_free_device(), and return error. Then the execution runs into error_send_message error branch of ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called to unregister the freed sp->remote.mouse_dev and sp->remote.keybd_dev. My patch add a "error_init_remote" label to handle the error of ibmasm_init_remote_input_dev(), to avoid the uaf bugs. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/libmasm/module: corrige dos use after free en ibmasm_init_one. En ibmasm_init_one, llama a ibmasm_init_remote_input_dev(). Dentro de ibmasm_init_remote_input_dev, mouse_dev y keybd_dev son asignados por input_allocate_device() y asignados a sp->remote.mouse_dev y sp->remote.keybd_dev respectivamente. • https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069 https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3 https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b02 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47333 – misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
https://notcve.org/view.php?id=CVE-2021-47333
In the Linux kernel, the following vulnerability has been resolved: misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPM(optional) capability checking function. A device might be attached to root complex directly, in this case, bus->self(bridge) will be NULL, thus priv->parent_pdev is NULL. Since alcor_pci_init_check_aspm(priv->parent_pdev) checks the PCI link's ASPM capability and populate parent_cap_off, which will be used later by alcor_pci_aspm_ctrl() to dynamically turn on/off device, what we can do here is to avoid checking the capability if we are on the root complex. This will make pdev_cap_off 0 and alcor_pci_aspm_ctrl() will simply return when bring called, effectively disable ASPM for the device. [ 1.246492] BUG: kernel NULL pointer dereference, address: 00000000000000c0 [ 1.248731] RIP: 0010:pci_read_config_byte+0x5/0x40 [ 1.253998] Call Trace: [ 1.254131] ? alcor_pci_find_cap_offset.isra.0+0x3a/0x100 [alcor_pci] [ 1.254476] alcor_pci_probe+0x169/0x2d5 [alcor_pci] En el kernel de Linux, se resolvió la siguiente vulnerabilidad: misc: alcor_pci: corrige null-ptr-deref cuando no hay un puente PCI. Hay un problema con la función de verificación de capacidad ASPM (opcional). Un dispositivo se puede conectar directamente al complejo root; en este caso, bus->self(bridge) será NULL, por lo tanto, priv->parent_pdev es NULL. Dado que alcor_pci_init_check_aspm(priv->parent_pdev) verifica la capacidad ASPM del enlace PCI y completa parent_cap_off, que será utilizado más adelante por alcor_pci_aspm_ctrl() para encender/apagar dinámicamente el dispositivo, lo que podemos hacer aquí es evitar verificar la capacidad si estamos encendidos. el complejo raíz. • https://git.kernel.org/stable/c/d2639ffdcad463b358b6bef8645ff81715daffcb https://git.kernel.org/stable/c/58f69684ba03e5b0e0a3ae844a845280c0f06309 https://git.kernel.org/stable/c/717cf5ae52322ddbdf3ac2c584b34c5970b0d174 https://git.kernel.org/stable/c/09d154990ca82d14aed2b72796f6c8845e2e605d https://git.kernel.org/stable/c/3ce3e45cc333da707d4d6eb433574b990bcc26f5 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2021-47332 – ALSA: usx2y: Don't call free_pages_exact() with NULL address
https://notcve.org/view.php?id=CVE-2021-47332
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Don't call free_pages_exact() with NULL address Unlike some other functions, we can't pass NULL pointer to free_pages_exact(). Add a proper NULL check for avoiding possible Oops. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: usx2y: No llamar a free_pages_exact() con dirección NULL A diferencia de otras funciones, no podemos pasar un puntero NULL a free_pages_exact(). Agregue una verificación NULL adecuada para evitar posibles Oops. • https://git.kernel.org/stable/c/88262229b778f4f7a896da828d966f94dcb35d19 https://git.kernel.org/stable/c/7d7f30cf182e55023fa8fde4c084b2d37c6be69d https://git.kernel.org/stable/c/bee295f5e03510252d18b25cc1d26230256eb87a https://git.kernel.org/stable/c/82e5ee742fdd8874fe996181b87fafe1eb5f1196 https://git.kernel.org/stable/c/cae0cf651adccee2c3f376e78f30fbd788d0829f •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2021-47331 – usb: common: usb-conn-gpio: fix NULL pointer dereference of charger
https://notcve.org/view.php?id=CVE-2021-47331
In the Linux kernel, the following vulnerability has been resolved: usb: common: usb-conn-gpio: fix NULL pointer dereference of charger When power on system with OTG cable, IDDIG's interrupt arises before the charger registration, it will cause a NULL pointer dereference, fix the issue by registering the power supply before requesting IDDIG/VBUS irq. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: común: usb-conn-gpio: corrige la desreferencia del puntero NULL del cargador. Cuando se enciende el sistema con un cable OTG, la interrupción de IDDIG surge antes del registro del cargador, lo que provocará un puntero NULL desreferencia, solucione el problema registrando la fuente de alimentación antes de solicitar IDDIG/VBUS irq. • https://git.kernel.org/stable/c/8e8d910e9a3a7fba86140aff4924c30955ab228b https://git.kernel.org/stable/c/436906fd248e018403bcda61a9311d9af02912f1 https://git.kernel.org/stable/c/1a133a0996d6b4c83509d570ed4edcba34c44f25 https://git.kernel.org/stable/c/880287910b1892ed2cb38977893b947382a09d21 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47330 – tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
https://notcve.org/view.php?id=CVE-2021-47330
In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' is leaking. Add a resource handling path to free this memory. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tty: serial: 8250: serial_cs: corrige una pérdida de memoria en la ruta de manejo de errores. En la función de sonda, si el 'serial_config()' final falla, se está perdiendo 'info'. Agregue una ruta de manejo de recursos para liberar esta memoria. • https://git.kernel.org/stable/c/b5a2799cd62ed30c81b22c23028d9ee374e2138c https://git.kernel.org/stable/c/331f5923fce4f45b8170ccf06c529e8eb28f37bc https://git.kernel.org/stable/c/34f4590f5ec9859ea9136249f528173d150bd584 https://git.kernel.org/stable/c/cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461 https://git.kernel.org/stable/c/ee16bed959862a6de2913f71a04cb563d7237b67 https://git.kernel.org/stable/c/7a80f71601af015856a0aeb1e3c294037ac3dd32 https://git.kernel.org/stable/c/c39cf4df19acf0133fa284a8cd83fad42cd13cc2 https://git.kernel.org/stable/c/b2ef1f5de40342de44fc5355321595f91 •