csaf_certbund - wid-sec-w-2024-0652

wid-sec-w-2024-0652

Vulnerability from csaf_certbund

Published

2024-03-17 23:00

Modified

2024-06-11 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen oder einen nicht spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0652 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0652.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0652 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0652"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031506-CVE-2021-47110-2cb8@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47112-339c@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47113-bf29@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031507-CVE-2021-47114-6af8@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47115-9715@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47116-8383@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031508-CVE-2021-47117-5ea7@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47118-faf2@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031509-CVE-2021-47119-22d3@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47120-c3db@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47121-13c1@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031510-CVE-2021-47122-b183@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47123-8318@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47124-42c9@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031511-CVE-2021-47125-9c33@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47126-f717@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47127-d0d6@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031512-CVE-2021-47128-bef7@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47129-7ba5@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47130-9f71@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031513-CVE-2021-47131-eafc@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031514-CVE-2021-47132-80b2@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031514-CVE-2021-47133-1141@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031515-CVE-2021-47134-3348@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031515-CVE-2021-47135-2c50@gregkh/"
      },
      {
        "category": "external",
        "summary": "CVE Announce auf lore.kernel.org vom 2024-03-17",
        "url": "http://lore.kernel.org/linux-cve-announce/2024031558-CVE-2021-47109-5bde@gregkh/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1645-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018527.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1642-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018530.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1650-1 vom 2024-05-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018533.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3618"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3627"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2024-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2024-06-12T08:09:32.234+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0652",
      "initial_release_date": "2024-03-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-28T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-04T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-06T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "8"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.13",
                "product": {
                  "name": "Open Source Linux Kernel \u003c5.13",
                  "product_id": "T033519",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:5.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47109",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47109"
    },
    {
      "cve": "CVE-2021-47110",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47110"
    },
    {
      "cve": "CVE-2021-47112",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47112"
    },
    {
      "cve": "CVE-2021-47113",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47113"
    },
    {
      "cve": "CVE-2021-47114",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47114"
    },
    {
      "cve": "CVE-2021-47115",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47115"
    },
    {
      "cve": "CVE-2021-47116",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47116"
    },
    {
      "cve": "CVE-2021-47117",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47117"
    },
    {
      "cve": "CVE-2021-47118",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47118"
    },
    {
      "cve": "CVE-2021-47119",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47119"
    },
    {
      "cve": "CVE-2021-47120",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47120"
    },
    {
      "cve": "CVE-2021-47121",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47121"
    },
    {
      "cve": "CVE-2021-47122",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47122"
    },
    {
      "cve": "CVE-2021-47123",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47123"
    },
    {
      "cve": "CVE-2021-47124",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47124"
    },
    {
      "cve": "CVE-2021-47125",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47125"
    },
    {
      "cve": "CVE-2021-47126",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47126"
    },
    {
      "cve": "CVE-2021-47127",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47127"
    },
    {
      "cve": "CVE-2021-47128",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47128"
    },
    {
      "cve": "CVE-2021-47129",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47129"
    },
    {
      "cve": "CVE-2021-47130",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47130"
    },
    {
      "cve": "CVE-2021-47131",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47131"
    },
    {
      "cve": "CVE-2021-47132",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47132"
    },
    {
      "cve": "CVE-2021-47133",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47133"
    },
    {
      "cve": "CVE-2021-47134",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47134"
    },
    {
      "cve": "CVE-2021-47135",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie nfc, ext4 oder netfilter, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem Speicherleck oder einem Out-of-Bounds-Read-Problem. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder weitere, nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T004914"
        ]
      },
      "release_date": "2024-03-17T23:00:00Z",
      "title": "CVE-2021-47135"
    }
  ]
}

cve-2021-47123

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

io_uring: fix ltout double free on completion race

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1f64f5e903b9d1d157875721e02adadc9d6f0a5d
	https://git.kernel.org/stable/c/447c19f3b5074409c794b350b10306e1da1ef4ba

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f64f5e903b9d1d157875721e02adadc9d6f0a5d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/447c19f3b5074409c794b350b10306e1da1ef4ba"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47123",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:29.439890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:24.138Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/io_uring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1f64f5e903b9",
              "status": "affected",
              "version": "90cd7e424969",
              "versionType": "git"
            },
            {
              "lessThan": "447c19f3b507",
              "status": "affected",
              "version": "90cd7e424969",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/io_uring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix ltout double free on completion race\n\nAlways remove linked timeout on io_link_timeout_fn() from the master\nrequest link list, otherwise we may get use-after-free when first\nio_link_timeout_fn() puts linked timeout in the fail path, and then\nwill be found and put on master\u0027s free."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:51.702Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1f64f5e903b9d1d157875721e02adadc9d6f0a5d"
        },
        {
          "url": "https://git.kernel.org/stable/c/447c19f3b5074409c794b350b10306e1da1ef4ba"
        }
      ],
      "title": "io_uring: fix ltout double free on completion race",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47123",
    "datePublished": "2024-03-15T20:14:28.888Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-04T11:59:51.702Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47126

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-06 16:35

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59
	https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e
	https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94
	https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47126",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:01:23.174452Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:35:28.788Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/route.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7ba7fa78a92d",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "098702358274",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "0a462e25ef0f",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            },
            {
              "lessThan": "821bbf79fe46",
              "status": "affected",
              "version": "f88d8ea67fbd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/route.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions\n\nReported by syzbot:\nHEAD commit:    90c911ad Merge tag \u0027fixes\u0027 of git://git.kernel.org/pub/scm..\ngit tree:       git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master\ndashboard link: https://syzkaller.appspot.com/bug?extid=123aa35098fd3c000eb7\ncompiler:       Debian clang version 11.0.1-2\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\nBUG: KASAN: slab-out-of-bounds in fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\nRead of size 8 at addr ffff8880145c78f8 by task syz-executor.4/17760\n\nCPU: 0 PID: 17760 Comm: syz-executor.4 Not tainted 5.12.0-rc8-syzkaller #0\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x202/0x31e lib/dump_stack.c:120\n print_address_description+0x5f/0x3b0 mm/kasan/report.c:232\n __kasan_report mm/kasan/report.c:399 [inline]\n kasan_report+0x15c/0x200 mm/kasan/report.c:416\n fib6_nh_get_excptn_bucket net/ipv6/route.c:1604 [inline]\n fib6_nh_flush_exceptions+0xbd/0x360 net/ipv6/route.c:1732\n fib6_nh_release+0x9a/0x430 net/ipv6/route.c:3536\n fib6_info_destroy_rcu+0xcb/0x1c0 net/ipv6/ip6_fib.c:174\n rcu_do_batch kernel/rcu/tree.c:2559 [inline]\n rcu_core+0x8f6/0x1450 kernel/rcu/tree.c:2794\n __do_softirq+0x372/0x7a6 kernel/softirq.c:345\n invoke_softirq kernel/softirq.c:221 [inline]\n __irq_exit_rcu+0x22c/0x260 kernel/softirq.c:422\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:434\n sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1100\n \u003c/IRQ\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632\nRIP: 0010:lock_acquire+0x1f6/0x720 kernel/locking/lockdep.c:5515\nCode: f6 84 24 a1 00 00 00 02 0f 85 8d 02 00 00 f7 c3 00 02 00 00 49 bd 00 00 00 00 00 fc ff df 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 3d 00 00 00 00 00 4b c7 44 3d 09 00 00 00 00 43 c7 44 3d\nRSP: 0018:ffffc90009e06560 EFLAGS: 00000206\nRAX: 1ffff920013c0cc0 RBX: 0000000000000246 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc90009e066e0 R08: dffffc0000000000 R09: fffffbfff1f992b1\nR10: fffffbfff1f992b1 R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920013c0cb4\n rcu_lock_acquire+0x2a/0x30 include/linux/rcupdate.h:267\n rcu_read_lock include/linux/rcupdate.h:656 [inline]\n ext4_get_group_info+0xea/0x340 fs/ext4/ext4.h:3231\n ext4_mb_prefetch+0x123/0x5d0 fs/ext4/mballoc.c:2212\n ext4_mb_regular_allocator+0x8a5/0x28f0 fs/ext4/mballoc.c:2379\n ext4_mb_new_blocks+0xc6e/0x24f0 fs/ext4/mballoc.c:4982\n ext4_ext_map_blocks+0x2be3/0x7210 fs/ext4/extents.c:4238\n ext4_map_blocks+0xab3/0x1cb0 fs/ext4/inode.c:638\n ext4_getblk+0x187/0x6c0 fs/ext4/inode.c:848\n ext4_bread+0x2a/0x1c0 fs/ext4/inode.c:900\n ext4_append+0x1a4/0x360 fs/ext4/namei.c:67\n ext4_init_new_dir+0x337/0xa10 fs/ext4/namei.c:2768\n ext4_mkdir+0x4b8/0xc00 fs/ext4/namei.c:2814\n vfs_mkdir+0x45b/0x640 fs/namei.c:3819\n ovl_do_mkdir fs/overlayfs/overlayfs.h:161 [inline]\n ovl_mkdir_real+0x53/0x1a0 fs/overlayfs/dir.c:146\n ovl_create_real+0x280/0x490 fs/overlayfs/dir.c:193\n ovl_workdir_create+0x425/0x600 fs/overlayfs/super.c:788\n ovl_make_workdir+0xed/0x1140 fs/overlayfs/super.c:1355\n ovl_get_workdir fs/overlayfs/super.c:1492 [inline]\n ovl_fill_super+0x39ee/0x5370 fs/overlayfs/super.c:2035\n mount_nodev+0x52/0xe0 fs/super.c:1413\n legacy_get_tree+0xea/0x180 fs/fs_context.c:592\n vfs_get_tree+0x86/0x270 fs/super.c:1497\n do_new_mount fs/namespace.c:2903 [inline]\n path_mount+0x196f/0x2be0 fs/namespace.c:3233\n do_mount fs/namespace.c:3246 [inline]\n __do_sys_mount fs/namespace.c:3454 [inline]\n __se_sys_mount+0x2f9/0x3b0 fs/namespace.c:3431\n do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x4665f9\nCode: ff ff c3 66 2e 0f 1f 84 \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:55.478Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7ba7fa78a92dc410b6f93ed73075ab669c3a0b59"
        },
        {
          "url": "https://git.kernel.org/stable/c/09870235827451409ff546b073d754a19fd17e2e"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a462e25ef0f7ab305081a08d435bbd1f13c0a94"
        },
        {
          "url": "https://git.kernel.org/stable/c/821bbf79fe46a8b1d18aa456e8ed0a3c208c3754"
        }
      ],
      "title": "ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47126",
    "datePublished": "2024-03-15T20:14:30.948Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-06T16:35:28.788Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47132

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 12:00

Severity ?

Summary

mptcp: fix sk_forward_memory corruption on retransmission

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3
	https://git.kernel.org/stable/c/b5941f066b4ca331db225a976dae1d6ca8cf0ae3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47132",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:54:25.829185Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:35.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.145Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5941f066b4ca331db225a976dae1d6ca8cf0ae3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b9c78b1a9596",
              "status": "affected",
              "version": "64b9cea7a0af",
              "versionType": "git"
            },
            {
              "lessThan": "b5941f066b4c",
              "status": "affected",
              "version": "64b9cea7a0af",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix sk_forward_memory corruption on retransmission\n\nMPTCP sk_forward_memory handling is a bit special, as such field\nis protected by the msk socket spin_lock, instead of the plain\nsocket lock.\n\nCurrently we have a code path updating such field without handling\nthe relevant lock:\n\n__mptcp_retrans() -\u003e __mptcp_clean_una_wakeup()\n\nSeveral helpers in __mptcp_clean_una_wakeup() will update\nsk_forward_alloc, possibly causing such field corruption, as reported\nby Matthieu.\n\nAddress the issue providing and using a new variant of blamed function\nwhich explicitly acquires the msk spin lock."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:05.791Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5941f066b4ca331db225a976dae1d6ca8cf0ae3"
        }
      ],
      "title": "mptcp: fix sk_forward_memory corruption on retransmission",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47132",
    "datePublished": "2024-03-15T20:14:35.337Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:05.791Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47114

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-05 16:16

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

ocfs2: fix data corruption by fallocate

References

▼	URL	Tags
	https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57
	https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65
	https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acae
	https://git.kernel.org/stable/c/cec4e857ffaa8c447f51cd8ab4e72350077b6770
	https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774
	https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfcc
	https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3b
	https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47114",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T14:57:08.882908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T16:16:07.587Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cec4e857ffaa8c447f51cd8ab4e72350077b6770"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfcc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "624fa7baa378",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "33e03adafb29",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a1700479524b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cec4e857ffaa",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "cc2edb99ea60",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c8d5faee4624",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0a31dd6fd2f4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6bba4471f0cc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ocfs2/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.236",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.194",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption by fallocate\n\nWhen fallocate punches holes out of inode size, if original isize is in\nthe middle of last cluster, then the part from isize to the end of the\ncluster will be zeroed with buffer write, at that time isize is not yet\nupdated to match the new size, if writeback is kicked in, it will invoke\nocfs2_writepage()-\u003eblock_write_full_page() where the pages out of inode\nsize will be dropped.  That will cause file corruption.  Fix this by\nzero out eof blocks when extending the inode size.\n\nRunning the following command with qemu-image 4.2.1 can get a corrupted\ncoverted image file easily.\n\n    qemu-img convert -p -t none -T none -f qcow2 $qcow_image \\\n             -O qcow2 -o compat=1.1 $qcow_image.conv\n\nThe usage of fallocate in qemu is like this, it first punches holes out\nof inode size, then extend the inode size.\n\n    fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0\n    fallocate(11, 0, 2276196352, 65536) = 0\n\nv1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html\nv2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:41.203Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/624fa7baa3788dc9e57840ba5b94bc22b03cda57"
        },
        {
          "url": "https://git.kernel.org/stable/c/33e03adafb29eedae1bae9cdb50c1385279fcf65"
        },
        {
          "url": "https://git.kernel.org/stable/c/a1700479524bb9cb5e8ae720236a6fabd003acae"
        },
        {
          "url": "https://git.kernel.org/stable/c/cec4e857ffaa8c447f51cd8ab4e72350077b6770"
        },
        {
          "url": "https://git.kernel.org/stable/c/cc2edb99ea606a45182b5ea38cc8f4e583aa0774"
        },
        {
          "url": "https://git.kernel.org/stable/c/c8d5faee46242c3f33b8a71a4d7d52214785bfcc"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a31dd6fd2f4e7db538fb6eb1f06973d81f8dd3b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6bba4471f0cc1296fe3c2089b9e52442d3074b2e"
        }
      ],
      "title": "ocfs2: fix data corruption by fallocate",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47114",
    "datePublished": "2024-03-15T20:14:22.035Z",
    "dateReserved": "2024-03-04T18:12:48.836Z",
    "dateUpdated": "2024-11-05T16:16:07.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47130

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 17:09

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Summary

nvmet: fix freeing unallocated p2pmem

References

▼	URL	Tags
	https://git.kernel.org/stable/c/c440cd080761b18a52cac20f2a42e5da1e3995af
	https://git.kernel.org/stable/c/8a452d62e7cea3c8a2676a3b89a9118755a1a271
	https://git.kernel.org/stable/c/bcd9a0797d73eeff659582f23277e7ab6e5f18f3

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47130",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:12:36.061889Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T17:09:52.222Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c440cd080761b18a52cac20f2a42e5da1e3995af"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a452d62e7cea3c8a2676a3b89a9118755a1a271"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bcd9a0797d73eeff659582f23277e7ab6e5f18f3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/nvme/target/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "c440cd080761",
              "status": "affected",
              "version": "c6e3f1339812",
              "versionType": "git"
            },
            {
              "lessThan": "8a452d62e7ce",
              "status": "affected",
              "version": "c6e3f1339812",
              "versionType": "git"
            },
            {
              "lessThan": "bcd9a0797d73",
              "status": "affected",
              "version": "c6e3f1339812",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/nvme/target/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix freeing unallocated p2pmem\n\nIn case p2p device was found but the p2p pool is empty, the nvme target\nis still trying to free the sgl from the p2p pool instead of the\nregular sgl pool and causing a crash (BUG() is called). Instead, assign\nthe p2p_dev for the request only if it was allocated from p2p pool.\n\nThis is the crash that was caused:\n\n[Sun May 30 19:13:53 2021] ------------[ cut here ]------------\n[Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518!\n[Sun May 30 19:13:53 2021] invalid opcode: 0000 [#1] SMP PTI\n...\n[Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518!\n...\n[Sun May 30 19:13:53 2021] RIP: 0010:gen_pool_free_owner+0xa8/0xb0\n...\n[Sun May 30 19:13:53 2021] Call Trace:\n[Sun May 30 19:13:53 2021] ------------[ cut here ]------------\n[Sun May 30 19:13:53 2021]  pci_free_p2pmem+0x2b/0x70\n[Sun May 30 19:13:53 2021]  pci_p2pmem_free_sgl+0x4f/0x80\n[Sun May 30 19:13:53 2021]  nvmet_req_free_sgls+0x1e/0x80 [nvmet]\n[Sun May 30 19:13:53 2021] kernel BUG at lib/genalloc.c:518!\n[Sun May 30 19:13:53 2021]  nvmet_rdma_release_rsp+0x4e/0x1f0 [nvmet_rdma]\n[Sun May 30 19:13:53 2021]  nvmet_rdma_send_done+0x1c/0x60 [nvmet_rdma]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:00.794Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/c440cd080761b18a52cac20f2a42e5da1e3995af"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a452d62e7cea3c8a2676a3b89a9118755a1a271"
        },
        {
          "url": "https://git.kernel.org/stable/c/bcd9a0797d73eeff659582f23277e7ab6e5f18f3"
        }
      ],
      "title": "nvmet: fix freeing unallocated p2pmem",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47130",
    "datePublished": "2024-03-15T20:14:33.955Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T17:09:52.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47125

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

sch_htb: fix refcount leak in htb_parent_to_leaf_offload

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416
	https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47125",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:30:07.969096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:48.759Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_htb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2411c02d0389",
              "status": "affected",
              "version": "ae81feb7338c",
              "versionType": "git"
            },
            {
              "lessThan": "944d671d5faa",
              "status": "affected",
              "version": "ae81feb7338c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_htb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: fix refcount leak in htb_parent_to_leaf_offload\n\nThe commit ae81feb7338c (\"sch_htb: fix null pointer dereference\non a null new_q\") fixes a NULL pointer dereference bug, but it\nis not correct.\n\nBecause htb_graft_helper properly handles the case when new_q\nis NULL, and after the previous patch by skipping this call\nwhich creates an inconsistency : dev_queue-\u003eqdisc will still\npoint to the old qdisc, but cl-\u003eparent-\u003eleaf.q will point to\nthe new one (which will be noop_qdisc, because new_q was NULL).\nThe code is based on an assumption that these two pointers are\nthe same, so it can lead to refcount leaks.\n\nThe correct fix is to add a NULL pointer check to protect\nqdisc_refcount_inc inside htb_parent_to_leaf_offload."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:54.271Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416"
        },
        {
          "url": "https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893"
        }
      ],
      "title": "sch_htb: fix refcount leak in htb_parent_to_leaf_offload",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47125",
    "datePublished": "2024-03-15T20:14:30.285Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-04T11:59:54.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47112

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

x86/kvm: Teardown PV features on boot CPU as well

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54
	https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2
	https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6
	https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47112",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T20:26:26.037473Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:29.430Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.829Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/kvm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7620a669111b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "38b858da1c58",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d1629b5b925d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8b79feffeca2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/kernel/kvm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Teardown PV features on boot CPU as well\n\nVarious PV features (Async PF, PV EOI, steal time) work through memory\nshared with hypervisor and when we restore from hibernation we must\nproperly teardown all these features to make sure hypervisor doesn\u0027t\nwrite to stale locations after we jump to the previously hibernated kernel\n(which can try to place anything there). For secondary CPUs the job is\nalready done by kvm_cpu_down_prepare(), register syscore ops to do\nthe same for boot CPU."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:38.607Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7620a669111b52f224d006dea9e1e688e2d62c54"
        },
        {
          "url": "https://git.kernel.org/stable/c/38b858da1c58ad46519a257764e059e663b59ff2"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1629b5b925de9b27979e929dae7fcb766daf6b6"
        },
        {
          "url": "https://git.kernel.org/stable/c/8b79feffeca28c5459458fe78676b081e87c93a4"
        }
      ],
      "title": "x86/kvm: Teardown PV features on boot CPU as well",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47112",
    "datePublished": "2024-03-15T20:14:20.602Z",
    "dateReserved": "2024-03-04T18:12:48.836Z",
    "dateUpdated": "2024-11-04T11:59:38.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47128

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ff5039ec75c83d2ed5b781dc7733420ee8c985fc
	https://git.kernel.org/stable/c/acc43fc6cf0d50612193813c5906a1ab9d433e1e
	https://git.kernel.org/stable/c/ff40e51043af63715ab413995ff46996ecf9583f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47128",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T18:49:12.497745Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:25.049Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff5039ec75c83d2ed5b781dc7733420ee8c985fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/acc43fc6cf0d50612193813c5906a1ab9d433e1e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff40e51043af63715ab413995ff46996ecf9583f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/helpers.c",
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ff5039ec75c8",
              "status": "affected",
              "version": "59438b46471a",
              "versionType": "git"
            },
            {
              "lessThan": "acc43fc6cf0d",
              "status": "affected",
              "version": "59438b46471a",
              "versionType": "git"
            },
            {
              "lessThan": "ff40e51043af",
              "status": "affected",
              "version": "59438b46471a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/bpf/helpers.c",
            "kernel/trace/bpf_trace.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, lockdown, audit: Fix buggy SELinux lockdown permission checks\n\nCommit 59438b46471a (\"security,lockdown,selinux: implement SELinux lockdown\")\nadded an implementation of the locked_down LSM hook to SELinux, with the aim\nto restrict which domains are allowed to perform operations that would breach\nlockdown. This is indirectly also getting audit subsystem involved to report\nevents. The latter is problematic, as reported by Ondrej and Serhei, since it\ncan bring down the whole system via audit:\n\n  1) The audit events that are triggered due to calls to security_locked_down()\n     can OOM kill a machine, see below details [0].\n\n  2) It also seems to be causing a deadlock via avc_has_perm()/slow_avc_audit()\n     when trying to wake up kauditd, for example, when using trace_sched_switch()\n     tracepoint, see details in [1]. Triggering this was not via some hypothetical\n     corner case, but with existing tools like runqlat \u0026 runqslower from bcc, for\n     example, which make use of this tracepoint. Rough call sequence goes like:\n\n     rq_lock(rq) -\u003e -------------------------+\n       trace_sched_switch() -\u003e               |\n         bpf_prog_xyz() -\u003e                   +-\u003e deadlock\n           selinux_lockdown() -\u003e             |\n             audit_log_end() -\u003e              |\n               wake_up_interruptible() -\u003e    |\n                 try_to_wake_up() -\u003e         |\n                   rq_lock(rq) --------------+\n\nWhat\u0027s worse is that the intention of 59438b46471a to further restrict lockdown\nsettings for specific applications in respect to the global lockdown policy is\ncompletely broken for BPF. The SELinux policy rule for the current lockdown check\nlooks something like this:\n\n  allow \u003cwho\u003e \u003cwho\u003e : lockdown { \u003creason\u003e };\n\nHowever, this doesn\u0027t match with the \u0027current\u0027 task where the security_locked_down()\nis executed, example: httpd does a syscall. There is a tracing program attached\nto the syscall which triggers a BPF program to run, which ends up doing a\nbpf_probe_read_kernel{,_str}() helper call. The selinux_lockdown() hook does\nthe permission check against \u0027current\u0027, that is, httpd in this example. httpd\nhas literally zero relation to this tracing program, and it would be nonsensical\nhaving to write an SELinux policy rule against httpd to let the tracing helper\npass. The policy in this case needs to be against the entity that is installing\nthe BPF program. For example, if bpftrace would generate a histogram of syscall\ncounts by user space application:\n\n  bpftrace -e \u0027tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }\u0027\n\nbpftrace would then go and generate a BPF program from this internally. One way\nof doing it [for the sake of the example] could be to call bpf_get_current_task()\nhelper and then access current-\u003ecomm via one of bpf_probe_read_kernel{,_str}()\nhelpers. So the program itself has nothing to do with httpd or any other random\napp doing a syscall here. The BPF program _explicitly initiated_ the lockdown\ncheck. The allow/deny policy belongs in the context of bpftrace: meaning, you\nwant to grant bpftrace access to use these helpers, but other tracers on the\nsystem like my_random_tracer _not_.\n\nTherefore fix all three issues at the same time by taking a completely different\napproach for the security_locked_down() hook, that is, move the check into the\nprogram verification phase where we actually retrieve the BPF func proto. This\nalso reliably gets the task (current) that is trying to install the BPF tracing\nprogram, e.g. bpftrace/bcc/perf/systemtap/etc, and it also fixes the OOM since\nwe\u0027re moving this out of the BPF helper\u0027s fast-path which can be called several\nmillions of times per second.\n\nThe check is then also in line with other security_locked_down() hooks in the\nsystem where the enforcement is performed at open/load time, for example,\nopen_kcore() for /proc/kcore access or module_sig_check() for module signatures\njust to pick f\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:57.780Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ff5039ec75c83d2ed5b781dc7733420ee8c985fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/acc43fc6cf0d50612193813c5906a1ab9d433e1e"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff40e51043af63715ab413995ff46996ecf9583f"
        }
      ],
      "title": "bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47128",
    "datePublished": "2024-03-15T20:14:32.366Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-04T11:59:57.780Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47109

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

neighbour: allow NUD_NOARP entries to be forced GCed

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137
	https://git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3
	https://git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc
	https://git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47109",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T15:24:45.992487Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:40.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/core/neighbour.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d99029e6aab6",
              "status": "affected",
              "version": "58956317c8de",
              "versionType": "git"
            },
            {
              "lessThan": "d17d47da59f7",
              "status": "affected",
              "version": "58956317c8de",
              "versionType": "git"
            },
            {
              "lessThan": "ddf088d7aaaa",
              "status": "affected",
              "version": "58956317c8de",
              "versionType": "git"
            },
            {
              "lessThan": "7a6b1ab7475f",
              "status": "affected",
              "version": "58956317c8de",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/core/neighbour.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "lessThan": "5.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: allow NUD_NOARP entries to be forced GCed\n\nIFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It\u0027s possible to\nfill up the neighbour table with enough entries that it will overflow for\nvalid connections after that.\n\nThis behaviour is more prevalent after commit 58956317c8de (\"neighbor:\nImprove garbage collection\") is applied, as it prevents removal from\nentries that are not NUD_FAILED, unless they are more than 5s old."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:34.892Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137"
        },
        {
          "url": "https://git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3"
        },
        {
          "url": "https://git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f"
        }
      ],
      "title": "neighbour: allow NUD_NOARP entries to be forced GCed",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47109",
    "datePublished": "2024-03-15T20:14:18.469Z",
    "dateReserved": "2024-03-04T18:12:48.836Z",
    "dateUpdated": "2024-11-04T11:59:34.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47121

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

net: caif: fix memory leak in cfusbl_device_notify

References

▼	URL	Tags
	https://git.kernel.org/stable/c/cc302e30a504e6b60a9ac8df7988646f46cd0294
	https://git.kernel.org/stable/c/81afc61cb6e2b553f2c5f992fa79e0ae73857141
	https://git.kernel.org/stable/c/e8b37f5009ea7095529790f022859711e6939c76
	https://git.kernel.org/stable/c/9ea0ab48e755d8f29fe89eb235fb86176fdb597f
	https://git.kernel.org/stable/c/4d94f530cd24c85aede6e72b8923f371b45d6886
	https://git.kernel.org/stable/c/46403c1f80b0d3f937ff9c4f5edc63bb64bc5051
	https://git.kernel.org/stable/c/dde8686985ec24d6b00487080a906609bd613ea1
	https://git.kernel.org/stable/c/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47121",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:58:18.929619Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:45.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.876Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cc302e30a504e6b60a9ac8df7988646f46cd0294"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81afc61cb6e2b553f2c5f992fa79e0ae73857141"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8b37f5009ea7095529790f022859711e6939c76"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9ea0ab48e755d8f29fe89eb235fb86176fdb597f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d94f530cd24c85aede6e72b8923f371b45d6886"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/46403c1f80b0d3f937ff9c4f5edc63bb64bc5051"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dde8686985ec24d6b00487080a906609bd613ea1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_usb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cc302e30a504",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "81afc61cb6e2",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "e8b37f5009ea",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "9ea0ab48e755",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "4d94f530cd24",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "46403c1f80b0",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "dde8686985ec",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            },
            {
              "lessThan": "7f5d86669fa4",
              "status": "affected",
              "version": "7ad65bf68d70",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_usb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.3"
            },
            {
              "lessThan": "3.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.236",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.194",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: caif: fix memory leak in cfusbl_device_notify\n\nIn case of caif_enroll_dev() fail, allocated\nlink_support won\u0027t be assigned to the corresponding\nstructure. So simply free allocated pointer in case\nof error."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:48.975Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cc302e30a504e6b60a9ac8df7988646f46cd0294"
        },
        {
          "url": "https://git.kernel.org/stable/c/81afc61cb6e2b553f2c5f992fa79e0ae73857141"
        },
        {
          "url": "https://git.kernel.org/stable/c/e8b37f5009ea7095529790f022859711e6939c76"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ea0ab48e755d8f29fe89eb235fb86176fdb597f"
        },
        {
          "url": "https://git.kernel.org/stable/c/4d94f530cd24c85aede6e72b8923f371b45d6886"
        },
        {
          "url": "https://git.kernel.org/stable/c/46403c1f80b0d3f937ff9c4f5edc63bb64bc5051"
        },
        {
          "url": "https://git.kernel.org/stable/c/dde8686985ec24d6b00487080a906609bd613ea1"
        },
        {
          "url": "https://git.kernel.org/stable/c/7f5d86669fa4d485523ddb1d212e0a2d90bd62bb"
        }
      ],
      "title": "net: caif: fix memory leak in cfusbl_device_notify",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47121",
    "datePublished": "2024-03-15T20:14:27.287Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:48.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47116

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

ext4: fix memory leak in ext4_mb_init_backend on error path.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49
	https://git.kernel.org/stable/c/04fb2baa0b147f51db065a1b13a11954abe592d0
	https://git.kernel.org/stable/c/a8867f4e3809050571c98de7a2d465aff5e4daf5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47116",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T17:36:29.410225Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:30.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.910Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04fb2baa0b147f51db065a1b13a11954abe592d0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a8867f4e3809050571c98de7a2d465aff5e4daf5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/mballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2050c6e5b161",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "04fb2baa0b14",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a8867f4e3809",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/mballoc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_mb_init_backend on error path.\n\nFix a memory leak discovered by syzbot when a file system is corrupted\nwith an illegally large s_log_groups_per_flex."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:42.479Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2050c6e5b161e5e25ce3c420fef58b24fa388a49"
        },
        {
          "url": "https://git.kernel.org/stable/c/04fb2baa0b147f51db065a1b13a11954abe592d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8867f4e3809050571c98de7a2d465aff5e4daf5"
        }
      ],
      "title": "ext4: fix memory leak in ext4_mb_init_backend on error path.",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47116",
    "datePublished": "2024-03-15T20:14:23.564Z",
    "dateReserved": "2024-03-04T18:12:48.837Z",
    "dateUpdated": "2024-11-04T11:59:42.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47124

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

io_uring: fix link timeout refs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530
	https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff
	https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410
	https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86
	https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47124",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T20:27:15.011125Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:33.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/io_uring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0b2a990e5d2f",
              "status": "affected",
              "version": "1c20e9040f49",
              "versionType": "git"
            },
            {
              "lessThan": "6f5d7a45f58d",
              "status": "affected",
              "version": "1c20e9040f49",
              "versionType": "git"
            },
            {
              "lessThan": "876808dba2ff",
              "status": "affected",
              "version": "9ae1f8dd372e",
              "versionType": "git"
            },
            {
              "lessThan": "ff4a96ba5c8f",
              "status": "affected",
              "version": "9ae1f8dd372e",
              "versionType": "git"
            },
            {
              "lessThan": "a298232ee6b9",
              "status": "affected",
              "version": "9ae1f8dd372e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/io_uring.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.55",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix link timeout refs\n\nWARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nRIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28\nCall Trace:\n __refcount_sub_and_test include/linux/refcount.h:283 [inline]\n __refcount_dec_and_test include/linux/refcount.h:315 [inline]\n refcount_dec_and_test include/linux/refcount.h:333 [inline]\n io_put_req fs/io_uring.c:2140 [inline]\n io_queue_linked_timeout fs/io_uring.c:6300 [inline]\n __io_queue_sqe+0xbef/0xec0 fs/io_uring.c:6354\n io_submit_sqe fs/io_uring.c:6534 [inline]\n io_submit_sqes+0x2bbd/0x7c50 fs/io_uring.c:6660\n __do_sys_io_uring_enter fs/io_uring.c:9240 [inline]\n __se_sys_io_uring_enter+0x256/0x1d60 fs/io_uring.c:9182\n\nio_link_timeout_fn() should put only one reference of the linked timeout\nrequest, however in case of racing with the master request\u0027s completion\nfirst io_req_complete() puts one and then io_put_req_deferred() is\ncalled."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:52.978Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0b2a990e5d2f76d020cb840c456e6ec5f0c27530"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f5d7a45f58d3abe3a936de1441b8d6318f978ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/876808dba2ff7509bdd7f230c4f374a0caf4f410"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff4a96ba5c8f9b266706280ff8021d2ef3f17e86"
        },
        {
          "url": "https://git.kernel.org/stable/c/a298232ee6b9a1d5d732aa497ff8be0d45b5bd82"
        }
      ],
      "title": "io_uring: fix link timeout refs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47124",
    "datePublished": "2024-03-15T20:14:29.605Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-04T11:59:52.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47120

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

HID: magicmouse: fix NULL-deref on disconnect

References

▼	URL	Tags
	https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6
	https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77
	https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f
	https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47120",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T15:24:16.763009Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:25.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.876Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-magicmouse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "368c5d45a87e",
              "status": "affected",
              "version": "9d7b18668956",
              "versionType": "git"
            },
            {
              "lessThan": "b5d013c4c76b",
              "status": "affected",
              "version": "9d7b18668956",
              "versionType": "git"
            },
            {
              "lessThan": "9cf27473f219",
              "status": "affected",
              "version": "9d7b18668956",
              "versionType": "git"
            },
            {
              "lessThan": "4b4f6cecca44",
              "status": "affected",
              "version": "9d7b18668956",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-magicmouse.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "lessThan": "4.20",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: magicmouse: fix NULL-deref on disconnect\n\nCommit 9d7b18668956 (\"HID: magicmouse: add support for Apple Magic\nTrackpad 2\") added a sanity check for an Apple trackpad but returned\nsuccess instead of -ENODEV when the check failed. This means that the\nremove callback will dereference the never-initialised driver data\npointer when the driver is later unbound (e.g. on USB disconnect)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:47.716Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/368c5d45a87e1bcc7f1e98e0c255c37b7b12c5d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5d013c4c76b276890135b5d32803c4c63924b77"
        },
        {
          "url": "https://git.kernel.org/stable/c/9cf27473f21913a3eaf4702dd2a25415afd5f33f"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b4f6cecca446abcb686c6e6c451d4f1ec1a7497"
        }
      ],
      "title": "HID: magicmouse: fix NULL-deref on disconnect",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47120",
    "datePublished": "2024-03-15T20:14:26.578Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:47.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47119

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

ext4: fix memory leak in ext4_fill_super

References

▼	URL	Tags
	https://git.kernel.org/stable/c/01d349a481f0591230300a9171330136f9159bcd
	https://git.kernel.org/stable/c/1385b23396d511d5233b8b921ac3058b3f86a5e1
	https://git.kernel.org/stable/c/afd09b617db3786b6ef3dc43e28fe728cfea84df

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47119",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T13:37:32.763549Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-23T13:37:45.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/01d349a481f0591230300a9171330136f9159bcd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1385b23396d511d5233b8b921ac3058b3f86a5e1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/afd09b617db3786b6ef3dc43e28fe728cfea84df"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "01d349a481f0",
              "status": "affected",
              "version": "ac27a0ec112a",
              "versionType": "git"
            },
            {
              "lessThan": "1385b23396d5",
              "status": "affected",
              "version": "ac27a0ec112a",
              "versionType": "git"
            },
            {
              "lessThan": "afd09b617db3",
              "status": "affected",
              "version": "ac27a0ec112a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/super.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.19"
            },
            {
              "lessThan": "2.6.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_fill_super\n\nBuffer head references must be released before calling kill_bdev();\notherwise the buffer head (and its page referenced by b_data) will not\nbe freed by kill_bdev, and subsequently that bh will be leaked.\n\nIf blocksizes differ, sb_set_blocksize() will kill current buffers and\npage cache by using kill_bdev(). And then super block will be reread\nagain but using correct blocksize this time. sb_set_blocksize() didn\u0027t\nfully free superblock page and buffer head, and being busy, they were\nnot freed and instead leaked.\n\nThis can easily be reproduced by calling an infinite loop of:\n\n  systemctl start \u003cext4_on_lvm\u003e.mount, and\n  systemctl stop \u003cext4_on_lvm\u003e.mount\n\n... since systemd creates a cgroup for each slice which it mounts, and\nthe bh leak get amplified by a dying memory cgroup that also never\ngets freed, and memory consumption is much more easily noticed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:46.566Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/01d349a481f0591230300a9171330136f9159bcd"
        },
        {
          "url": "https://git.kernel.org/stable/c/1385b23396d511d5233b8b921ac3058b3f86a5e1"
        },
        {
          "url": "https://git.kernel.org/stable/c/afd09b617db3786b6ef3dc43e28fe728cfea84df"
        }
      ],
      "title": "ext4: fix memory leak in ext4_fill_super",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47119",
    "datePublished": "2024-03-15T20:14:25.901Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:46.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47127

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

ice: track AF_XDP ZC enabled queues in bitmap

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1d34fa4fcf06649036ba0c97854fcf7a741ee18c
	https://git.kernel.org/stable/c/e102db780e1c14f10c70dafa7684af22a745b51d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1d34fa4fcf06649036ba0c97854fcf7a741ee18c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e102db780e1c14f10c70dafa7684af22a745b51d"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47127",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:26.106391Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:52.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice.h",
            "drivers/net/ethernet/intel/ice/ice_lib.c",
            "drivers/net/ethernet/intel/ice/ice_xsk.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1d34fa4fcf06",
              "status": "affected",
              "version": "c7a219048e45",
              "versionType": "git"
            },
            {
              "lessThan": "e102db780e1c",
              "status": "affected",
              "version": "c7a219048e45",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/ice/ice.h",
            "drivers/net/ethernet/intel/ice/ice_lib.c",
            "drivers/net/ethernet/intel/ice/ice_xsk.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: track AF_XDP ZC enabled queues in bitmap\n\nCommit c7a219048e45 (\"ice: Remove xsk_buff_pool from VSI structure\")\nsilently introduced a regression and broke the Tx side of AF_XDP in copy\nmode. xsk_pool on ice_ring is set only based on the existence of the XDP\nprog on the VSI which in turn picks ice_clean_tx_irq_zc to be executed.\nThat is not something that should happen for copy mode as it should use\nthe regular data path ice_clean_tx_irq.\n\nThis results in a following splat when xdpsock is run in txonly or l2fwd\nscenarios in copy mode:\n\n\u003csnip\u003e\n[  106.050195] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[  106.057269] #PF: supervisor read access in kernel mode\n[  106.062493] #PF: error_code(0x0000) - not-present page\n[  106.067709] PGD 0 P4D 0\n[  106.070293] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[  106.074721] CPU: 61 PID: 0 Comm: swapper/61 Not tainted 5.12.0-rc2+ #45\n[  106.081436] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[  106.092027] RIP: 0010:xp_raw_get_dma+0x36/0x50\n[  106.096551] Code: 74 14 48 b8 ff ff ff ff ff ff 00 00 48 21 f0 48 c1 ee 30 48 01 c6 48 8b 87 90 00 00 00 48 89 f2 81 e6 ff 0f 00 00 48 c1 ea 0c \u003c48\u003e 8b 04 d0 48 83 e0 fe 48 01 f0 c3 66 66 2e 0f 1f 84 00 00 00 00\n[  106.115588] RSP: 0018:ffffc9000d694e50 EFLAGS: 00010206\n[  106.120893] RAX: 0000000000000000 RBX: ffff88984b8c8a00 RCX: ffff889852581800\n[  106.128137] RDX: 0000000000000006 RSI: 0000000000000000 RDI: ffff88984cd8b800\n[  106.135383] RBP: ffff888123b50001 R08: ffff889896800000 R09: 0000000000000800\n[  106.142628] R10: 0000000000000000 R11: ffffffff826060c0 R12: 00000000000000ff\n[  106.149872] R13: 0000000000000000 R14: 0000000000000040 R15: ffff888123b50018\n[  106.157117] FS:  0000000000000000(0000) GS:ffff8897e0f40000(0000) knlGS:0000000000000000\n[  106.165332] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  106.171163] CR2: 0000000000000030 CR3: 000000000560a004 CR4: 00000000007706e0\n[  106.178408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[  106.185653] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[  106.192898] PKRU: 55555554\n[  106.195653] Call Trace:\n[  106.198143]  \u003cIRQ\u003e\n[  106.200196]  ice_clean_tx_irq_zc+0x183/0x2a0 [ice]\n[  106.205087]  ice_napi_poll+0x3e/0x590 [ice]\n[  106.209356]  __napi_poll+0x2a/0x160\n[  106.212911]  net_rx_action+0xd6/0x200\n[  106.216634]  __do_softirq+0xbf/0x29b\n[  106.220274]  irq_exit_rcu+0x88/0xc0\n[  106.223819]  common_interrupt+0x7b/0xa0\n[  106.227719]  \u003c/IRQ\u003e\n[  106.229857]  asm_common_interrupt+0x1e/0x40\n\u003c/snip\u003e\n\nFix this by introducing the bitmap of queues that are zero-copy enabled,\nwhere each bit, corresponding to a queue id that xsk pool is being\nconfigured on, will be set/cleared within ice_xsk_pool_{en,dis}able and\nchecked within ice_xsk_pool(). The latter is a function used for\ndeciding which napi poll routine is executed.\nIdea is being taken from our other drivers such as i40e and ixgbe."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:56.619Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1d34fa4fcf06649036ba0c97854fcf7a741ee18c"
        },
        {
          "url": "https://git.kernel.org/stable/c/e102db780e1c14f10c70dafa7684af22a745b51d"
        }
      ],
      "title": "ice: track AF_XDP ZC enabled queues in bitmap",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47127",
    "datePublished": "2024-03-15T20:14:31.658Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-04T11:59:56.619Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47134

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 12:00

Severity ?

Summary

efi/fdt: fix panic when no valid fdt found

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5148066edbdc89c6fe5bc419c31a5c22e5f83bdb
	https://git.kernel.org/stable/c/8a7e8b4e5631a03ea2fee27957857a56612108ca
	https://git.kernel.org/stable/c/668a84c1bfb2b3fd5a10847825a854d63fac7baa

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47134",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T20:27:32.803046Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:01.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.859Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5148066edbdc89c6fe5bc419c31a5c22e5f83bdb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a7e8b4e5631a03ea2fee27957857a56612108ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/668a84c1bfb2b3fd5a10847825a854d63fac7baa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/firmware/efi/fdtparams.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5148066edbdc",
              "status": "affected",
              "version": "b91540d52a08",
              "versionType": "git"
            },
            {
              "lessThan": "8a7e8b4e5631",
              "status": "affected",
              "version": "b91540d52a08",
              "versionType": "git"
            },
            {
              "lessThan": "668a84c1bfb2",
              "status": "affected",
              "version": "b91540d52a08",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/firmware/efi/fdtparams.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "lessThan": "5.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/fdt: fix panic when no valid fdt found\n\nsetup_arch() would invoke efi_init()-\u003eefi_get_fdt_params(). If no\nvalid fdt found then initial_boot_params will be null. So we\nshould stop further fdt processing here. I encountered this\nissue on risc-v."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:08.350Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5148066edbdc89c6fe5bc419c31a5c22e5f83bdb"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a7e8b4e5631a03ea2fee27957857a56612108ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/668a84c1bfb2b3fd5a10847825a854d63fac7baa"
        }
      ],
      "title": "efi/fdt: fix panic when no valid fdt found",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47134",
    "datePublished": "2024-03-15T20:14:36.804Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:08.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47118

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

pid: take a reference when initializing `cad_pid`

References

▼	URL	Tags
	https://git.kernel.org/stable/c/764c2e892d1fe895392aff62fb353fdce43bb529
	https://git.kernel.org/stable/c/f86c80515a8a3703e0ca2e56deb50fc2879c5ea4
	https://git.kernel.org/stable/c/4dbd8808a591b49b717862e6e0081bcf14a87788
	https://git.kernel.org/stable/c/d106f05432e60f9f62d456ef017687f5c73cb414
	https://git.kernel.org/stable/c/2cd6eedfa6344f5ef5c3dac3aee57a39b5b46dff
	https://git.kernel.org/stable/c/7178be006d495ffb741c329012da289b62dddfe6
	https://git.kernel.org/stable/c/b8ff869f20152fbe66b6c2e2715d26a2f9897cca
	https://git.kernel.org/stable/c/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.826Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/764c2e892d1fe895392aff62fb353fdce43bb529"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f86c80515a8a3703e0ca2e56deb50fc2879c5ea4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4dbd8808a591b49b717862e6e0081bcf14a87788"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d106f05432e60f9f62d456ef017687f5c73cb414"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2cd6eedfa6344f5ef5c3dac3aee57a39b5b46dff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7178be006d495ffb741c329012da289b62dddfe6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b8ff869f20152fbe66b6c2e2715d26a2f9897cca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47118",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:32.497500Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:25.590Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "init/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "764c2e892d1f",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "f86c80515a8a",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "4dbd8808a591",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "d106f05432e6",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "2cd6eedfa634",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "7178be006d49",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "b8ff869f2015",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            },
            {
              "lessThan": "0711f0d7050b",
              "status": "affected",
              "version": "9ec52099e4b8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "init/main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.19"
            },
            {
              "lessThan": "2.6.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.236",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.194",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npid: take a reference when initializing `cad_pid`\n\nDuring boot, kernel_init_freeable() initializes `cad_pid` to the init\ntask\u0027s struct pid.  Later on, we may change `cad_pid` via a sysctl, and\nwhen this happens proc_do_cad_pid() will increment the refcount on the\nnew pid via get_pid(), and will decrement the refcount on the old pid\nvia put_pid().  As we never called get_pid() when we initialized\n`cad_pid`, we decrement a reference we never incremented, can therefore\nfree the init task\u0027s struct pid early.  As there can be dangling\nreferences to the struct pid, we can later encounter a use-after-free\n(e.g.  when delivering signals).\n\nThis was spotted when fuzzing v5.13-rc3 with Syzkaller, but seems to\nhave been around since the conversion of `cad_pid` to struct pid in\ncommit 9ec52099e4b8 (\"[PATCH] replace cad_pid by a struct pid\") from the\npre-KASAN stone age of v2.6.19.\n\nFix this by getting a reference to the init task\u0027s struct pid when we\nassign it to `cad_pid`.\n\nFull KASAN splat below.\n\n   ==================================================================\n   BUG: KASAN: use-after-free in ns_of_pid include/linux/pid.h:153 [inline]\n   BUG: KASAN: use-after-free in task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n   Read of size 4 at addr ffff23794dda0004 by task syz-executor.0/273\n\n   CPU: 1 PID: 273 Comm: syz-executor.0 Not tainted 5.12.0-00001-g9aef892b2d15 #1\n   Hardware name: linux,dummy-virt (DT)\n   Call trace:\n    ns_of_pid include/linux/pid.h:153 [inline]\n    task_active_pid_ns+0xc0/0xc8 kernel/pid.c:509\n    do_notify_parent+0x308/0xe60 kernel/signal.c:1950\n    exit_notify kernel/exit.c:682 [inline]\n    do_exit+0x2334/0x2bd0 kernel/exit.c:845\n    do_group_exit+0x108/0x2c8 kernel/exit.c:922\n    get_signal+0x4e4/0x2a88 kernel/signal.c:2781\n    do_signal arch/arm64/kernel/signal.c:882 [inline]\n    do_notify_resume+0x300/0x970 arch/arm64/kernel/signal.c:936\n    work_pending+0xc/0x2dc\n\n   Allocated by task 0:\n    slab_post_alloc_hook+0x50/0x5c0 mm/slab.h:516\n    slab_alloc_node mm/slub.c:2907 [inline]\n    slab_alloc mm/slub.c:2915 [inline]\n    kmem_cache_alloc+0x1f4/0x4c0 mm/slub.c:2920\n    alloc_pid+0xdc/0xc00 kernel/pid.c:180\n    copy_process+0x2794/0x5e18 kernel/fork.c:2129\n    kernel_clone+0x194/0x13c8 kernel/fork.c:2500\n    kernel_thread+0xd4/0x110 kernel/fork.c:2552\n    rest_init+0x44/0x4a0 init/main.c:687\n    arch_call_rest_init+0x1c/0x28\n    start_kernel+0x520/0x554 init/main.c:1064\n    0x0\n\n   Freed by task 270:\n    slab_free_hook mm/slub.c:1562 [inline]\n    slab_free_freelist_hook+0x98/0x260 mm/slub.c:1600\n    slab_free mm/slub.c:3161 [inline]\n    kmem_cache_free+0x224/0x8e0 mm/slub.c:3177\n    put_pid.part.4+0xe0/0x1a8 kernel/pid.c:114\n    put_pid+0x30/0x48 kernel/pid.c:109\n    proc_do_cad_pid+0x190/0x1b0 kernel/sysctl.c:1401\n    proc_sys_call_handler+0x338/0x4b0 fs/proc/proc_sysctl.c:591\n    proc_sys_write+0x34/0x48 fs/proc/proc_sysctl.c:617\n    call_write_iter include/linux/fs.h:1977 [inline]\n    new_sync_write+0x3ac/0x510 fs/read_write.c:518\n    vfs_write fs/read_write.c:605 [inline]\n    vfs_write+0x9c4/0x1018 fs/read_write.c:585\n    ksys_write+0x124/0x240 fs/read_write.c:658\n    __do_sys_write fs/read_write.c:670 [inline]\n    __se_sys_write fs/read_write.c:667 [inline]\n    __arm64_sys_write+0x78/0xb0 fs/read_write.c:667\n    __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n    invoke_syscall arch/arm64/kernel/syscall.c:49 [inline]\n    el0_svc_common.constprop.1+0x16c/0x388 arch/arm64/kernel/syscall.c:129\n    do_el0_svc+0xf8/0x150 arch/arm64/kernel/syscall.c:168\n    el0_svc+0x28/0x38 arch/arm64/kernel/entry-common.c:416\n    el0_sync_handler+0x134/0x180 arch/arm64/kernel/entry-common.c:432\n    el0_sync+0x154/0x180 arch/arm64/kernel/entry.S:701\n\n   The buggy address belongs to the object at ffff23794dda0000\n    which belongs to the cache pid of size 224\n   The buggy address is located 4 bytes inside of\n    224-byte region [ff\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:45.174Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/764c2e892d1fe895392aff62fb353fdce43bb529"
        },
        {
          "url": "https://git.kernel.org/stable/c/f86c80515a8a3703e0ca2e56deb50fc2879c5ea4"
        },
        {
          "url": "https://git.kernel.org/stable/c/4dbd8808a591b49b717862e6e0081bcf14a87788"
        },
        {
          "url": "https://git.kernel.org/stable/c/d106f05432e60f9f62d456ef017687f5c73cb414"
        },
        {
          "url": "https://git.kernel.org/stable/c/2cd6eedfa6344f5ef5c3dac3aee57a39b5b46dff"
        },
        {
          "url": "https://git.kernel.org/stable/c/7178be006d495ffb741c329012da289b62dddfe6"
        },
        {
          "url": "https://git.kernel.org/stable/c/b8ff869f20152fbe66b6c2e2715d26a2f9897cca"
        },
        {
          "url": "https://git.kernel.org/stable/c/0711f0d7050b9e07c44bc159bbc64ac0a1022c7f"
        }
      ],
      "title": "pid: take a reference when initializing `cad_pid`",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47118",
    "datePublished": "2024-03-15T20:14:25.116Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:45.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47117

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb
	https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071
	https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9
	https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107
	https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7
	https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a
	https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c
	https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47117",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T14:32:59.932623Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:39.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.794Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/extents.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e33bafad30d3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "5b3a9a2be594",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d8116743ef54",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "569496aa3776",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "920697b004e4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d3b668b96ad3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "48105dc98c9c",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "082cd4ec240b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/extents.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.236",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.194",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed\n\nWe got follow bug_on when run fsstress with injecting IO fault:\n[130747.323114] kernel BUG at fs/ext4/extents_status.c:762!\n[130747.323117] Internal error: Oops - BUG: 0 [#1] SMP\n......\n[130747.334329] Call trace:\n[130747.334553]  ext4_es_cache_extent+0x150/0x168 [ext4]\n[130747.334975]  ext4_cache_extents+0x64/0xe8 [ext4]\n[130747.335368]  ext4_find_extent+0x300/0x330 [ext4]\n[130747.335759]  ext4_ext_map_blocks+0x74/0x1178 [ext4]\n[130747.336179]  ext4_map_blocks+0x2f4/0x5f0 [ext4]\n[130747.336567]  ext4_mpage_readpages+0x4a8/0x7a8 [ext4]\n[130747.336995]  ext4_readpage+0x54/0x100 [ext4]\n[130747.337359]  generic_file_buffered_read+0x410/0xae8\n[130747.337767]  generic_file_read_iter+0x114/0x190\n[130747.338152]  ext4_file_read_iter+0x5c/0x140 [ext4]\n[130747.338556]  __vfs_read+0x11c/0x188\n[130747.338851]  vfs_read+0x94/0x150\n[130747.339110]  ksys_read+0x74/0xf0\n\nThis patch\u0027s modification is according to Jan Kara\u0027s suggestion in:\nhttps://patchwork.ozlabs.org/project/linux-ext4/patch/20210428085158.3728201-1-yebin10@huawei.com/\n\"I see. Now I understand your patch. Honestly, seeing how fragile is trying\nto fix extent tree after split has failed in the middle, I would probably\ngo even further and make sure we fix the tree properly in case of ENOSPC\nand EDQUOT (those are easily user triggerable).  Anything else indicates a\nHW problem or fs corruption so I\u0027d rather leave the extent tree as is and\ndon\u0027t try to fix it (which also means we will not create overlapping\nextents).\""
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:43.823Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e33bafad30d34cfa5e9787cb099cab05e2677fcb"
        },
        {
          "url": "https://git.kernel.org/stable/c/5b3a9a2be59478b013a430ac57b0f3d65471b071"
        },
        {
          "url": "https://git.kernel.org/stable/c/d8116743ef5432336289256b2f7c117299213eb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/569496aa3776eea1ff0d49d0174ac1b7e861e107"
        },
        {
          "url": "https://git.kernel.org/stable/c/920697b004e49cb026e2e15fe91be065bf0741b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/d3b668b96ad3192c0581a248ae2f596cd054792a"
        },
        {
          "url": "https://git.kernel.org/stable/c/48105dc98c9ca35af418746277b087cb2bc6df7c"
        },
        {
          "url": "https://git.kernel.org/stable/c/082cd4ec240b8734a82a89ffb890216ac98fec68"
        }
      ],
      "title": "ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47117",
    "datePublished": "2024-03-15T20:14:24.291Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:43.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47133

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 12:00

Severity ?

Summary

HID: amd_sfh: Fix memory leak in amd_sfh_work

References

▼	URL	Tags
	https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24
	https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47133",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T16:09:29.896332Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T16:09:37.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.960Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/amd-sfh-hid/amd_sfh_client.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "29beadea66a2",
              "status": "affected",
              "version": "4b2c53d93a4b",
              "versionType": "git"
            },
            {
              "lessThan": "5ad755fd2b32",
              "status": "affected",
              "version": "4b2c53d93a4b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/amd-sfh-hid/amd_sfh_client.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Fix memory leak in amd_sfh_work\n\nKmemleak tool detected a memory leak in the amd_sfh driver.\n\n====================\nunreferenced object 0xffff88810228ada0 (size 32):\n  comm \"insmod\", pid 3968, jiffies 4295056001 (age 775.792s)\n  hex dump (first 32 bytes):\n    00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de  . s.............\n    22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00  \"...............\n  backtrace:\n    [\u003c000000007b4c8799\u003e] kmem_cache_alloc_trace+0x163/0x4f0\n    [\u003c0000000005326893\u003e] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]\n    [\u003c000000002a9e5ec4\u003e] amdtp_hid_request+0x62/0x80 [amd_sfh]\n    [\u003c00000000b8a95807\u003e] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub]\n    [\u003c00000000fda054ee\u003e] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common]\n    [\u003c0000000021279ecf\u003e] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d]\n    [\u003c00000000915760ce\u003e] platform_probe+0x6a/0xd0\n    [\u003c0000000060258a1f\u003e] really_probe+0x192/0x620\n    [\u003c00000000fa812f2d\u003e] driver_probe_device+0x14a/0x1d0\n    [\u003c000000005e79f7fd\u003e] __device_attach_driver+0xbd/0x110\n    [\u003c0000000070d15018\u003e] bus_for_each_drv+0xfd/0x160\n    [\u003c0000000013a3c312\u003e] __device_attach+0x18b/0x220\n    [\u003c000000008c7b4afc\u003e] device_initial_probe+0x13/0x20\n    [\u003c00000000e6e99665\u003e] bus_probe_device+0xfe/0x120\n    [\u003c00000000833fa90b\u003e] device_add+0x6a6/0xe00\n    [\u003c00000000fa901078\u003e] platform_device_add+0x180/0x380\n====================\n\nThe fix is to freeing request_list entry once the processed entry is\nremoved from the request_list."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:07.092Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1"
        }
      ],
      "title": "HID: amd_sfh: Fix memory leak in amd_sfh_work",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47133",
    "datePublished": "2024-03-15T20:14:36.044Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:07.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47122

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

net: caif: fix memory leak in caif_device_notify

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8
	https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49
	https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d
	https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb
	https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94
	https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa
	https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893
	https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47122",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T16:10:05.257169Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T16:10:13.492Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.852Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_dev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b042e2b20395",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "9348c1f10932",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "4bca2034b41c",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "3be863c11cab",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "f52f4fd67264",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "af2806345a37",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "6a0e317f6109",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            },
            {
              "lessThan": "b53558a950a8",
              "status": "affected",
              "version": "7c18d2205ea7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/caif/caif_dev.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.3"
            },
            {
              "lessThan": "3.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.272",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.236",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.194",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: caif: fix memory leak in caif_device_notify\n\nIn case of caif_enroll_dev() fail, allocated\nlink_support won\u0027t be assigned to the corresponding\nstructure. So simply free allocated pointer in case\nof error"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:50.383Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49"
        },
        {
          "url": "https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94"
        },
        {
          "url": "https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893"
        },
        {
          "url": "https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb"
        }
      ],
      "title": "net: caif: fix memory leak in caif_device_notify",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47122",
    "datePublished": "2024-03-15T20:14:28.089Z",
    "dateReserved": "2024-03-04T18:12:48.838Z",
    "dateUpdated": "2024-11-04T11:59:50.383Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47135

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 12:00

Severity ?

Summary

mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6919e8a24e70b6ba148fe07f44f835bcdd1a8d02
	https://git.kernel.org/stable/c/d874e6c06952382897d35bf4094193cd44ae91bd

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47135",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:32:01.197382Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:22.896Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.911Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6919e8a24e70b6ba148fe07f44f835bcdd1a8d02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d874e6c06952382897d35bf4094193cd44ae91bd"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6919e8a24e70",
              "status": "affected",
              "version": "1c099ab44727",
              "versionType": "git"
            },
            {
              "lessThan": "d874e6c06952",
              "status": "affected",
              "version": "1c099ab44727",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/mediatek/mt76/mt7921/mcu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report\n\nFix possible array out of bound access in mt7921_mcu_tx_rate_report.\nRemove unnecessary varibable in mt7921_mcu_tx_rate_report"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:09.554Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6919e8a24e70b6ba148fe07f44f835bcdd1a8d02"
        },
        {
          "url": "https://git.kernel.org/stable/c/d874e6c06952382897d35bf4094193cd44ae91bd"
        }
      ],
      "title": "mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47135",
    "datePublished": "2024-03-15T20:14:37.589Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:09.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47113

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

btrfs: abort in rename_exchange if we fail to insert the second ref

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0df50d47d17401f9f140dfbe752a65e5d72f9932
	https://git.kernel.org/stable/c/ff8de2cec65a8c8521faade12a31b39c80e49f5b
	https://git.kernel.org/stable/c/dc09ef3562726cd520c8338c1640872a60187af5

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47113",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:16:26.695834Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:51.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0df50d47d17401f9f140dfbe752a65e5d72f9932"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff8de2cec65a8c8521faade12a31b39c80e49f5b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dc09ef3562726cd520c8338c1640872a60187af5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0df50d47d174",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "ff8de2cec65a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dc09ef356272",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: abort in rename_exchange if we fail to insert the second ref\n\nError injection stress uncovered a problem where we\u0027d leave a dangling\ninode ref if we failed during a rename_exchange.  This happens because\nwe insert the inode ref for one side of the rename, and then for the\nother side.  If this second inode ref insert fails we\u0027ll leave the first\none dangling and leave a corrupt file system behind.  Fix this by\naborting if we did the insert for the first inode ref."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:39.913Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0df50d47d17401f9f140dfbe752a65e5d72f9932"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff8de2cec65a8c8521faade12a31b39c80e49f5b"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc09ef3562726cd520c8338c1640872a60187af5"
        }
      ],
      "title": "btrfs: abort in rename_exchange if we fail to insert the second ref",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47113",
    "datePublished": "2024-03-15T20:14:21.300Z",
    "dateReserved": "2024-03-04T18:12:48.836Z",
    "dateUpdated": "2024-11-04T11:59:39.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47131

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 12:00

Severity ?

Summary

net/tls: Fix use-after-free after the TLS device goes down and up

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f1d4184f128dede82a59a841658ed40d4e6d3aa2
	https://git.kernel.org/stable/c/0f1e6fe66977a864fe850522316f713d7b926fd9
	https://git.kernel.org/stable/c/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47131",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T15:23:46.487605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:12.171Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f1d4184f128dede82a59a841658ed40d4e6d3aa2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f1e6fe66977a864fe850522316f713d7b926fd9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/tls.h",
            "net/tls/tls_device.c",
            "net/tls/tls_device_fallback.c",
            "net/tls/tls_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f1d4184f128d",
              "status": "affected",
              "version": "e8f69799810c",
              "versionType": "git"
            },
            {
              "lessThan": "0f1e6fe66977",
              "status": "affected",
              "version": "e8f69799810c",
              "versionType": "git"
            },
            {
              "lessThan": "c55dcdd435aa",
              "status": "affected",
              "version": "e8f69799810c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/tls.h",
            "net/tls/tls_device.c",
            "net/tls/tls_device_fallback.c",
            "net/tls/tls_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.18"
            },
            {
              "lessThan": "4.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: Fix use-after-free after the TLS device goes down and up\n\nWhen a netdev with active TLS offload goes down, tls_device_down is\ncalled to stop the offload and tear down the TLS context. However, the\nsocket stays alive, and it still points to the TLS context, which is now\ndeallocated. If a netdev goes up, while the connection is still active,\nand the data flow resumes after a number of TCP retransmissions, it will\nlead to a use-after-free of the TLS context.\n\nThis commit addresses this bug by keeping the context alive until its\nnormal destruction, and implements the necessary fallbacks, so that the\nconnection can resume in software (non-offloaded) kTLS mode.\n\nOn the TX side tls_sw_fallback is used to encrypt all packets. The RX\nside already has all the necessary fallbacks, because receiving\nnon-decrypted packets is supported. The thing needed on the RX side is\nto block resync requests, which are normally produced after receiving\nnon-decrypted packets.\n\nThe necessary synchronization is implemented for a graceful teardown:\nfirst the fallbacks are deployed, then the driver resources are released\n(it used to be possible to have a tls_dev_resync after tls_dev_del).\n\nA new flag called TLS_RX_DEV_DEGRADED is added to indicate the fallback\nmode. It\u0027s used to skip the RX resync logic completely, as it becomes\nuseless, and some objects may be released (for example, resync_async,\nwhich is allocated and freed by the driver)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:02.484Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f1d4184f128dede82a59a841658ed40d4e6d3aa2"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f1e6fe66977a864fe850522316f713d7b926fd9"
        },
        {
          "url": "https://git.kernel.org/stable/c/c55dcdd435aa6c6ad6ccac0a4c636d010ee367a4"
        }
      ],
      "title": "net/tls: Fix use-after-free after the TLS device goes down and up",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47131",
    "datePublished": "2024-03-15T20:14:34.647Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:02.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47110

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-04 11:59

Severity ?

Summary

x86/kvm: Disable kvmclock on all CPUs on shutdown

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9084fe1b3572664ad276f427dce575f580c9799a
	https://git.kernel.org/stable/c/3b0becf8b1ecf642a9edaf4c9628ffc641e490d6
	https://git.kernel.org/stable/c/1df2dc09926f61319116c80ee85701df33577d70
	https://git.kernel.org/stable/c/c02027b5742b5aa804ef08a4a9db433295533046

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47110",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T16:10:03.353776Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:56.037Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9084fe1b3572664ad276f427dce575f580c9799a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3b0becf8b1ecf642a9edaf4c9628ffc641e490d6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1df2dc09926f61319116c80ee85701df33577d70"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c02027b5742b5aa804ef08a4a9db433295533046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/include/asm/kvm_para.h",
            "arch/x86/kernel/kvm.c",
            "arch/x86/kernel/kvmclock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9084fe1b3572",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3b0becf8b1ec",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1df2dc09926f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c02027b5742b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/include/asm/kvm_para.h",
            "arch/x86/kernel/kvm.c",
            "arch/x86/kernel/kvmclock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kvm: Disable kvmclock on all CPUs on shutdown\n\nCurrenly, we disable kvmclock from machine_shutdown() hook and this\nonly happens for boot CPU. We need to disable it for all CPUs to\nguard against memory corruption e.g. on restore from hibernate.\n\nNote, writing \u00270\u0027 to kvmclock MSR doesn\u0027t clear memory location, it\njust prevents hypervisor from updating the location so for the short\nwhile after write and while CPU is still alive, the clock remains usable\nand correct so we don\u0027t need to switch to some other clocksource."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:36.144Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9084fe1b3572664ad276f427dce575f580c9799a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b0becf8b1ecf642a9edaf4c9628ffc641e490d6"
        },
        {
          "url": "https://git.kernel.org/stable/c/1df2dc09926f61319116c80ee85701df33577d70"
        },
        {
          "url": "https://git.kernel.org/stable/c/c02027b5742b5aa804ef08a4a9db433295533046"
        }
      ],
      "title": "x86/kvm: Disable kvmclock on all CPUs on shutdown",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47110",
    "datePublished": "2024-03-15T20:14:19.183Z",
    "dateReserved": "2024-03-04T18:12:48.836Z",
    "dateUpdated": "2024-11-04T11:59:36.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47115

Vulnerability from cvelistv5

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2024-03-18T10:33:22.634Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47115",
    "datePublished": "2024-03-15T20:14:22.839Z",
    "dateRejected": "2024-03-18T10:33:22.634Z",
    "dateReserved": "2024-03-04T18:12:48.837Z",
    "dateUpdated": "2024-03-18T10:33:22.634Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0"
}

cve-2021-47129

Vulnerability from cvelistv5

Published

2024-03-15 20:14

Modified

2024-11-07 19:09

Severity ?

4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Summary

netfilter: nft_ct: skip expectations for confirmed conntrack

References

▼	URL	Tags
	https://git.kernel.org/stable/c/da8d31e80ff425f5a65dab7060d5c4aba749e562
	https://git.kernel.org/stable/c/5f3429c05e4028a0e241afdad856dd15dec2ffb9
	https://git.kernel.org/stable/c/2c0e6b35b88a961127066a1028bce9c727cbc3e5
	https://git.kernel.org/stable/c/1710eb913bdcda3917f44d383c32de6bdabfc836

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47129",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T16:02:32.498750Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-273",
                "description": "CWE-273 Improper Check for Dropped Privileges",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T19:09:24.528Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.894Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da8d31e80ff425f5a65dab7060d5c4aba749e562"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f3429c05e4028a0e241afdad856dd15dec2ffb9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c0e6b35b88a961127066a1028bce9c727cbc3e5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1710eb913bdcda3917f44d383c32de6bdabfc836"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_ct.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "da8d31e80ff4",
              "status": "affected",
              "version": "857b46027d6f",
              "versionType": "git"
            },
            {
              "lessThan": "5f3429c05e40",
              "status": "affected",
              "version": "857b46027d6f",
              "versionType": "git"
            },
            {
              "lessThan": "2c0e6b35b88a",
              "status": "affected",
              "version": "857b46027d6f",
              "versionType": "git"
            },
            {
              "lessThan": "1710eb913bdc",
              "status": "affected",
              "version": "857b46027d6f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_ct.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.125",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: skip expectations for confirmed conntrack\n\nnft_ct_expect_obj_eval() calls nf_ct_ext_add() for a confirmed\nconntrack entry. However, nf_ct_ext_add() can only be called for\n!nf_ct_is_confirmed().\n\n[ 1825.349056] WARNING: CPU: 0 PID: 1279 at net/netfilter/nf_conntrack_extend.c:48 nf_ct_xt_add+0x18e/0x1a0 [nf_conntrack]\n[ 1825.351391] RIP: 0010:nf_ct_ext_add+0x18e/0x1a0 [nf_conntrack]\n[ 1825.351493] Code: 41 5c 41 5d 41 5e 41 5f c3 41 bc 0a 00 00 00 e9 15 ff ff ff ba 09 00 00 00 31 f6 4c 89 ff e8 69 6c 3d e9 eb 96 45 31 ed eb cd \u003c0f\u003e 0b e9 b1 fe ff ff e8 86 79 14 e9 eb bf 0f 1f 40 00 0f 1f 44 00\n[ 1825.351721] RSP: 0018:ffffc90002e1f1e8 EFLAGS: 00010202\n[ 1825.351790] RAX: 000000000000000e RBX: ffff88814f5783c0 RCX: ffffffffc0e4f887\n[ 1825.351881] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88814f578440\n[ 1825.351971] RBP: 0000000000000000 R08: 0000000000000000 R09: ffff88814f578447\n[ 1825.352060] R10: ffffed1029eaf088 R11: 0000000000000001 R12: ffff88814f578440\n[ 1825.352150] R13: ffff8882053f3a00 R14: 0000000000000000 R15: 0000000000000a20\n[ 1825.352240] FS:  00007f992261c900(0000) GS:ffff889faec00000(0000) knlGS:0000000000000000\n[ 1825.352343] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1825.352417] CR2: 000056070a4d1158 CR3: 000000015efe0000 CR4: 0000000000350ee0\n[ 1825.352508] Call Trace:\n[ 1825.352544]  nf_ct_helper_ext_add+0x10/0x60 [nf_conntrack]\n[ 1825.352641]  nft_ct_expect_obj_eval+0x1b8/0x1e0 [nft_ct]\n[ 1825.352716]  nft_do_chain+0x232/0x850 [nf_tables]\n\nAdd the ct helper extension only for unconfirmed conntrack. Skip rule\nevaluation if the ct helper extension does not exist. Thus, you can\nonly create expectations from the first packet.\n\nIt should be possible to remove this limitation by adding a new action\nto attach a generic ct helper to the first packet. Then, use this ct\nhelper extension from follow up packets to create the ct expectation.\n\nWhile at it, add a missing check to skip the template conntrack too\nand remove check for IPCT_UNTRACK which is implicit to !ct."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:59:58.949Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/da8d31e80ff425f5a65dab7060d5c4aba749e562"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f3429c05e4028a0e241afdad856dd15dec2ffb9"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c0e6b35b88a961127066a1028bce9c727cbc3e5"
        },
        {
          "url": "https://git.kernel.org/stable/c/1710eb913bdcda3917f44d383c32de6bdabfc836"
        }
      ],
      "title": "netfilter: nft_ct: skip expectations for confirmed conntrack",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47129",
    "datePublished": "2024-03-15T20:14:33.102Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2024-11-07T19:09:24.528Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_certbund

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature