csaf_certbund - wid-sec-w-2024-0699

wid-sec-w-2024-0699

Vulnerability from csaf_certbund

Published

2024-03-24 23:00

Modified

2024-06-11 22:00

Summary

Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen nicht spezifizierten Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen nicht spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0699 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0699.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0699 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0699"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47136"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47137"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47138"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47139"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47140"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47141"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47142"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47143"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47144"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47145"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47146"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47147"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47148"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47149"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47150"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47151"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47152"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47153"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47154"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47155"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47156"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47157"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47158"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47159"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47160"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47161"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47162"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47163"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47164"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47165"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47166"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47167"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47168"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47169"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47170"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47171"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47172"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47173"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47174"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47175"
      },
      {
        "category": "external",
        "summary": "NIST Vulnerability Database vom 2024-03-24",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47176"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1454-1 vom 2024-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018431.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1643-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018529.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1646-1 vom 2024-05-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018526.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1648-2 vom 2024-05-21",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018572.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1870-1 vom 2024-05-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018634.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3618 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3618"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3627 vom 2024-06-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:3627"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3618 vom 2024-06-06",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3618.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux-Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe",
    "tracking": {
      "current_release_date": "2024-06-11T22:00:00.000+00:00",
      "generator": {
        "date": "2024-06-12T08:09:26.696+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2024-0699",
      "initial_release_date": "2024-03-24T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-24T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-28T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-14T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-04T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-06T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T033646",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-47136",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47136"
    },
    {
      "cve": "CVE-2021-47137",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47137"
    },
    {
      "cve": "CVE-2021-47138",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47138"
    },
    {
      "cve": "CVE-2021-47139",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47139"
    },
    {
      "cve": "CVE-2021-47140",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47140"
    },
    {
      "cve": "CVE-2021-47141",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47141"
    },
    {
      "cve": "CVE-2021-47142",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47142"
    },
    {
      "cve": "CVE-2021-47143",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47143"
    },
    {
      "cve": "CVE-2021-47144",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47144"
    },
    {
      "cve": "CVE-2021-47145",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47145"
    },
    {
      "cve": "CVE-2021-47146",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47146"
    },
    {
      "cve": "CVE-2021-47147",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47147"
    },
    {
      "cve": "CVE-2021-47148",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47148"
    },
    {
      "cve": "CVE-2021-47149",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47149"
    },
    {
      "cve": "CVE-2021-47150",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47150"
    },
    {
      "cve": "CVE-2021-47151",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47151"
    },
    {
      "cve": "CVE-2021-47152",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47152"
    },
    {
      "cve": "CVE-2021-47153",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47153"
    },
    {
      "cve": "CVE-2021-47158",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47158"
    },
    {
      "cve": "CVE-2021-47159",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47159"
    },
    {
      "cve": "CVE-2021-47160",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47160"
    },
    {
      "cve": "CVE-2021-47161",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47161"
    },
    {
      "cve": "CVE-2021-47162",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47162"
    },
    {
      "cve": "CVE-2021-47163",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47163"
    },
    {
      "cve": "CVE-2021-47164",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47164"
    },
    {
      "cve": "CVE-2021-47165",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47165"
    },
    {
      "cve": "CVE-2021-47166",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47166"
    },
    {
      "cve": "CVE-2021-47167",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47167"
    },
    {
      "cve": "CVE-2021-47168",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47168"
    },
    {
      "cve": "CVE-2021-47169",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47169"
    },
    {
      "cve": "CVE-2021-47170",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47170"
    },
    {
      "cve": "CVE-2021-47171",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47171"
    },
    {
      "cve": "CVE-2021-47172",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47172"
    },
    {
      "cve": "CVE-2021-47173",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47173"
    },
    {
      "cve": "CVE-2021-47174",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47174"
    },
    {
      "cve": "CVE-2021-47175",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47175"
    },
    {
      "cve": "CVE-2021-47176",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47176"
    },
    {
      "cve": "CVE-2021-47177",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47177"
    },
    {
      "cve": "CVE-2021-47178",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47178"
    },
    {
      "cve": "CVE-2021-47179",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47179"
    },
    {
      "cve": "CVE-2021-47180",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie octeontx2-pf oder drm/amdgpu, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer NULL-Zeiger-Dereferenz, einem use-after-free oder einem Puffer\u00fcberlauf. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "67646",
          "T033646",
          "T004914"
        ]
      },
      "release_date": "2024-03-24T23:00:00Z",
      "title": "CVE-2021-47180"
    }
  ]
}

cve-2021-47138

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

cxgb4: avoid accessing registers when clearing filters

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0bf49b3c8d8b3a43ce09f1b2db70e5484d31fcdf
	https://git.kernel.org/stable/c/02f03883fdb10ad7e66717c70ea163a8d27ae6e7
	https://git.kernel.org/stable/c/285207a558ab456aa7d8aa877ecc7e91fcc51710
	https://git.kernel.org/stable/c/88c380df84fbd03f9b137c2b9d0a44b9f2f553b0

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47138",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T20:36:36.021064Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T20:36:44.313Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.941Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0bf49b3c8d8b3a43ce09f1b2db70e5484d31fcdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/02f03883fdb10ad7e66717c70ea163a8d27ae6e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/285207a558ab456aa7d8aa877ecc7e91fcc51710"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88c380df84fbd03f9b137c2b9d0a44b9f2f553b0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0bf49b3c8d8b",
              "status": "affected",
              "version": "b1a79360ee86",
              "versionType": "git"
            },
            {
              "lessThan": "02f03883fdb1",
              "status": "affected",
              "version": "b1a79360ee86",
              "versionType": "git"
            },
            {
              "lessThan": "285207a558ab",
              "status": "affected",
              "version": "b1a79360ee86",
              "versionType": "git"
            },
            {
              "lessThan": "88c380df84fb",
              "status": "affected",
              "version": "b1a79360ee86",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: avoid accessing registers when clearing filters\n\nHardware register having the server TID base can contain\ninvalid values when adapter is in bad state (for example,\ndue to AER fatal error). Reading these invalid values in the\nregister can lead to out-of-bound memory access. So, fix\nby using the saved server TID base when clearing filters."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:13.144Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0bf49b3c8d8b3a43ce09f1b2db70e5484d31fcdf"
        },
        {
          "url": "https://git.kernel.org/stable/c/02f03883fdb10ad7e66717c70ea163a8d27ae6e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/285207a558ab456aa7d8aa877ecc7e91fcc51710"
        },
        {
          "url": "https://git.kernel.org/stable/c/88c380df84fbd03f9b137c2b9d0a44b9f2f553b0"
        }
      ],
      "title": "cxgb4: avoid accessing registers when clearing filters",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47138",
    "datePublished": "2024-03-25T09:07:37.414Z",
    "dateReserved": "2024-03-04T18:12:48.841Z",
    "dateUpdated": "2024-11-04T12:00:13.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47173

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

misc/uss720: fix memory leak in uss720_probe

References

▼	URL	Tags
	https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391
	https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42
	https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364
	https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a
	https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88
	https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55
	https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1c742096
	https://git.kernel.org/stable/c/dcb4b8ad6a448532d8b681b5d1a7036210b622de

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47173",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T16:08:15.214025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T16:08:23.838Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.231Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1c742096"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dcb4b8ad6a448532d8b681b5d1a7036210b622de"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/misc/uss720.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5f46b2410db2",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "7889c70e6173",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "bcb30cc8f8be",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "386918878ce4",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "36b5ff1db1a4",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "5394ae9d8c79",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "a3c3face38cb",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            },
            {
              "lessThan": "dcb4b8ad6a44",
              "status": "affected",
              "version": "0f36163d3abe",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/misc/uss720.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.14"
            },
            {
              "lessThan": "2.6.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/uss720: fix memory leak in uss720_probe\n\nuss720_probe forgets to decrease the refcount of usbdev in uss720_probe.\nFix this by decreasing the refcount of usbdev by usb_put_dev.\n\nBUG: memory leak\nunreferenced object 0xffff888101113800 (size 2048):\n  comm \"kworker/0:1\", pid 7, jiffies 4294956777 (age 28.870s)\n  hex dump (first 32 bytes):\n    ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00  ....1...........\n    00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00  ................\n  backtrace:\n    [\u003cffffffff82b8e822\u003e] kmalloc include/linux/slab.h:554 [inline]\n    [\u003cffffffff82b8e822\u003e] kzalloc include/linux/slab.h:684 [inline]\n    [\u003cffffffff82b8e822\u003e] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582\n    [\u003cffffffff82b98441\u003e] hub_port_connect drivers/usb/core/hub.c:5129 [inline]\n    [\u003cffffffff82b98441\u003e] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]\n    [\u003cffffffff82b98441\u003e] port_event drivers/usb/core/hub.c:5509 [inline]\n    [\u003cffffffff82b98441\u003e] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591\n    [\u003cffffffff81259229\u003e] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275\n    [\u003cffffffff81259b19\u003e] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421\n    [\u003cffffffff81261228\u003e] kthread+0x178/0x1b0 kernel/kthread.c:292\n    [\u003cffffffff8100227f\u003e] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:49.858Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391"
        },
        {
          "url": "https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42"
        },
        {
          "url": "https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364"
        },
        {
          "url": "https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a"
        },
        {
          "url": "https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88"
        },
        {
          "url": "https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55"
        },
        {
          "url": "https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1c742096"
        },
        {
          "url": "https://git.kernel.org/stable/c/dcb4b8ad6a448532d8b681b5d1a7036210b622de"
        }
      ],
      "title": "misc/uss720: fix memory leak in uss720_probe",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47173",
    "datePublished": "2024-03-25T09:16:24.466Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:49.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47172

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-06 15:29

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f49149964d2423fb618fb6b755bb1eaa431cca2c
	https://git.kernel.org/stable/c/f70122825076117787b91e7f219e21c09f11a5b9
	https://git.kernel.org/stable/c/26da8040eccc6c6b0e415e9a3baf72fd39eb2fdc
	https://git.kernel.org/stable/c/f2a772c51206b0c3f262e4f6a3812c89a650191b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47172",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-17T17:18:44.850824Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T15:29:32.072Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.144Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f49149964d2423fb618fb6b755bb1eaa431cca2c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f70122825076117787b91e7f219e21c09f11a5b9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/26da8040eccc6c6b0e415e9a3baf72fd39eb2fdc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2a772c51206b0c3f262e4f6a3812c89a650191b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/adc/ad7124.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f49149964d24",
              "status": "affected",
              "version": "5408cbc63373",
              "versionType": "git"
            },
            {
              "lessThan": "f70122825076",
              "status": "affected",
              "version": "d7857e4ee1ba",
              "versionType": "git"
            },
            {
              "lessThan": "26da8040eccc",
              "status": "affected",
              "version": "d7857e4ee1ba",
              "versionType": "git"
            },
            {
              "lessThan": "f2a772c51206",
              "status": "affected",
              "version": "d7857e4ee1ba",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/adc/ad7124.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7124: Fix potential overflow due to non sequential channel numbers\n\nChannel numbering must start at 0 and then not have any holes, or\nit is possible to overflow the available storage.  Note this bug was\nintroduced as part of a fix to ensure we didn\u0027t rely on the ordering\nof child nodes.  So we need to support arbitrary ordering but they all\nneed to be there somewhere.\n\nNote I hit this when using qemu to test the rest of this series.\nArguably this isn\u0027t the best fix, but it is probably the most minimal\noption for backporting etc.\n\nAlexandru\u0027s sign-off is here because he carried this patch in a larger\nset that Jonathan then applied."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:48.684Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f49149964d2423fb618fb6b755bb1eaa431cca2c"
        },
        {
          "url": "https://git.kernel.org/stable/c/f70122825076117787b91e7f219e21c09f11a5b9"
        },
        {
          "url": "https://git.kernel.org/stable/c/26da8040eccc6c6b0e415e9a3baf72fd39eb2fdc"
        },
        {
          "url": "https://git.kernel.org/stable/c/f2a772c51206b0c3f262e4f6a3812c89a650191b"
        }
      ],
      "title": "iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47172",
    "datePublished": "2024-03-25T09:16:23.741Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-06T15:29:32.072Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47167

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

NFS: Fix an Oopsable condition in __nfs_pageio_add_request()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1fc5f4eb9d31268ac3ce152d74ad5501ad24ca3e
	https://git.kernel.org/stable/c/ee21cd3aa8548e0cbc8c67a80b62113aedd2d101
	https://git.kernel.org/stable/c/15ac6f14787649e8ebd75c142e2c5d2a243c8490
	https://git.kernel.org/stable/c/56517ab958b7c11030e626250c00b9b1a24b41eb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1fc5f4eb9d31268ac3ce152d74ad5501ad24ca3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ee21cd3aa8548e0cbc8c67a80b62113aedd2d101"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/15ac6f14787649e8ebd75c142e2c5d2a243c8490"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56517ab958b7c11030e626250c00b9b1a24b41eb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47167",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:37.991848Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:53.057Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pagelist.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1fc5f4eb9d31",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "ee21cd3aa854",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "15ac6f147876",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "56517ab958b7",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pagelist.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "lessThan": "4.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix an Oopsable condition in __nfs_pageio_add_request()\n\nEnsure that nfs_pageio_error_cleanup() resets the mirror array contents,\nso that the structure reflects the fact that it is now empty.\nAlso change the test in nfs_pageio_do_add_request() to be more robust by\nchecking whether or not the list is empty rather than relying on the\nvalue of pg_count."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:42.767Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1fc5f4eb9d31268ac3ce152d74ad5501ad24ca3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/ee21cd3aa8548e0cbc8c67a80b62113aedd2d101"
        },
        {
          "url": "https://git.kernel.org/stable/c/15ac6f14787649e8ebd75c142e2c5d2a243c8490"
        },
        {
          "url": "https://git.kernel.org/stable/c/56517ab958b7c11030e626250c00b9b1a24b41eb"
        }
      ],
      "title": "NFS: Fix an Oopsable condition in __nfs_pageio_add_request()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47167",
    "datePublished": "2024-03-25T09:16:19.952Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:42.767Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47147

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

ptp: ocp: Fix a resource leak in an error handling path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0e38e702f1152479e6afac34f151dbfd99417f99
	https://git.kernel.org/stable/c/9c1bb37f8cad5e2ee1933fa1da9a6baa7876a8e4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47147",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T17:17:52.408774Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T14:26:17.617Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e38e702f1152479e6afac34f151dbfd99417f99"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9c1bb37f8cad5e2ee1933fa1da9a6baa7876a8e4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/ptp/ptp_ocp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0e38e702f115",
              "status": "affected",
              "version": "a7e1abad13f3",
              "versionType": "git"
            },
            {
              "lessThan": "9c1bb37f8cad",
              "status": "affected",
              "version": "a7e1abad13f3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/ptp/ptp_ocp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: ocp: Fix a resource leak in an error handling path\n\nIf an error occurs after a successful \u0027pci_ioremap_bar()\u0027 call, it must be\nundone by a corresponding \u0027pci_iounmap()\u0027 call, as already done in the\nremove function."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:23.991Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0e38e702f1152479e6afac34f151dbfd99417f99"
        },
        {
          "url": "https://git.kernel.org/stable/c/9c1bb37f8cad5e2ee1933fa1da9a6baa7876a8e4"
        }
      ],
      "title": "ptp: ocp: Fix a resource leak in an error handling path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47147",
    "datePublished": "2024-03-25T09:07:43.750Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:23.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47179

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 11:36

Severity ?

Summary

NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4e1ba532dbc1a0e19fc2458d74ab8d98680c4e42
	https://git.kernel.org/stable/c/42637ca25c7d7b5a92804a679af5192e8c1a9f48
	https://git.kernel.org/stable/c/39785761feadf261bc5101372b0b0bbaf6a94494
	https://git.kernel.org/stable/c/aba3c7795f51717ae316f3566442dee7cc3eeccb
	https://git.kernel.org/stable/c/f9890652185b72b8de9ebeb4406037640b6e1b53
	https://git.kernel.org/stable/c/b090d110e66636bca473fd8b98d5c97b555a965a
	https://git.kernel.org/stable/c/a421d218603ffa822a0b8045055c03eae394a7eb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47179",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T15:17:57.286141Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:16.888Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.318Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e1ba532dbc1a0e19fc2458d74ab8d98680c4e42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/42637ca25c7d7b5a92804a679af5192e8c1a9f48"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39785761feadf261bc5101372b0b0bbaf6a94494"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aba3c7795f51717ae316f3566442dee7cc3eeccb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f9890652185b72b8de9ebeb4406037640b6e1b53"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b090d110e66636bca473fd8b98d5c97b555a965a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a421d218603ffa822a0b8045055c03eae394a7eb"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pnfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4e1ba532dbc1",
              "status": "affected",
              "version": "80e34f4957ec",
              "versionType": "git"
            },
            {
              "lessThan": "42637ca25c7d",
              "status": "affected",
              "version": "7b7b97746432",
              "versionType": "git"
            },
            {
              "lessThan": "39785761fead",
              "status": "affected",
              "version": "9ffa7967f937",
              "versionType": "git"
            },
            {
              "lessThan": "aba3c7795f51",
              "status": "affected",
              "version": "6be0e4b59314",
              "versionType": "git"
            },
            {
              "lessThan": "f9890652185b",
              "status": "affected",
              "version": "2fafe7d5047f",
              "versionType": "git"
            },
            {
              "lessThan": "b090d110e666",
              "status": "affected",
              "version": "7e65ea887d0c",
              "versionType": "git"
            },
            {
              "lessThan": "a421d218603f",
              "status": "affected",
              "version": "de144ff4234f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pnfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.9.271",
              "status": "affected",
              "version": "4.9.269",
              "versionType": "semver"
            },
            {
              "lessThan": "4.14.235",
              "status": "affected",
              "version": "4.14.233",
              "versionType": "semver"
            },
            {
              "lessThan": "4.19.193",
              "status": "affected",
              "version": "4.19.191",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.124",
              "status": "affected",
              "version": "5.4.118",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.42",
              "status": "affected",
              "version": "5.10.36",
              "versionType": "semver"
            },
            {
              "lessThan": "5.12.9",
              "status": "affected",
              "version": "5.12.3",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()\n\nCommit de144ff4234f changes _pnfs_return_layout() to call\npnfs_mark_matching_lsegs_return() passing NULL as the struct\npnfs_layout_range argument. Unfortunately,\npnfs_mark_matching_lsegs_return() doesn\u0027t check if we have a value here\nbefore dereferencing it, causing an oops.\n\nI\u0027m able to hit this crash consistently when running connectathon basic\ntests on NFS v4.1/v4.2 against Ontap."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T11:36:16.972Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4e1ba532dbc1a0e19fc2458d74ab8d98680c4e42"
        },
        {
          "url": "https://git.kernel.org/stable/c/42637ca25c7d7b5a92804a679af5192e8c1a9f48"
        },
        {
          "url": "https://git.kernel.org/stable/c/39785761feadf261bc5101372b0b0bbaf6a94494"
        },
        {
          "url": "https://git.kernel.org/stable/c/aba3c7795f51717ae316f3566442dee7cc3eeccb"
        },
        {
          "url": "https://git.kernel.org/stable/c/f9890652185b72b8de9ebeb4406037640b6e1b53"
        },
        {
          "url": "https://git.kernel.org/stable/c/b090d110e66636bca473fd8b98d5c97b555a965a"
        },
        {
          "url": "https://git.kernel.org/stable/c/a421d218603ffa822a0b8045055c03eae394a7eb"
        }
      ],
      "title": "NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()",
      "x_generator": {
        "engine": "bippy-c8e10e5f6187"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47179",
    "datePublished": "2024-03-25T09:16:28.787Z",
    "dateReserved": "2024-03-25T09:12:14.112Z",
    "dateUpdated": "2024-11-04T11:36:16.972Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47159

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net: dsa: fix a crash if ->get_sset_count() fails

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0f2cb08c57edefb0e7b5045e0e3e9980a3d3aa37
	https://git.kernel.org/stable/c/ce5355f140a7987011388c7e30c4f8fbe180d3e8
	https://git.kernel.org/stable/c/caff86f85512b8e0d9830e8b8b0dfe13c68ce5b6
	https://git.kernel.org/stable/c/7b22466648a4f8e3e94f57ca428d1531866d1373
	https://git.kernel.org/stable/c/a269333fa5c0c8e53c92b5a28a6076a28cde3e83

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.963Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f2cb08c57edefb0e7b5045e0e3e9980a3d3aa37"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ce5355f140a7987011388c7e30c4f8fbe180d3e8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/caff86f85512b8e0d9830e8b8b0dfe13c68ce5b6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b22466648a4f8e3e94f57ca428d1531866d1373"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a269333fa5c0c8e53c92b5a28a6076a28cde3e83"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47159",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:44.376467Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:54.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/dsa/master.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0f2cb08c57ed",
              "status": "affected",
              "version": "badf3ada60ab",
              "versionType": "git"
            },
            {
              "lessThan": "ce5355f140a7",
              "status": "affected",
              "version": "badf3ada60ab",
              "versionType": "git"
            },
            {
              "lessThan": "caff86f85512",
              "status": "affected",
              "version": "badf3ada60ab",
              "versionType": "git"
            },
            {
              "lessThan": "7b22466648a4",
              "status": "affected",
              "version": "badf3ada60ab",
              "versionType": "git"
            },
            {
              "lessThan": "a269333fa5c0",
              "status": "affected",
              "version": "badf3ada60ab",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/dsa/master.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.7"
            },
            {
              "lessThan": "4.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix a crash if -\u003eget_sset_count() fails\n\nIf ds-\u003eops-\u003eget_sset_count() fails then it \"count\" is a negative error\ncode such as -EOPNOTSUPP.  Because \"i\" is an unsigned int, the negative\nerror code is type promoted to a very high value and the loop will\ncorrupt memory until the system crashes.\n\nFix this by checking for error codes and changing the type of \"i\" to\njust int."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:33.418Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0f2cb08c57edefb0e7b5045e0e3e9980a3d3aa37"
        },
        {
          "url": "https://git.kernel.org/stable/c/ce5355f140a7987011388c7e30c4f8fbe180d3e8"
        },
        {
          "url": "https://git.kernel.org/stable/c/caff86f85512b8e0d9830e8b8b0dfe13c68ce5b6"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b22466648a4f8e3e94f57ca428d1531866d1373"
        },
        {
          "url": "https://git.kernel.org/stable/c/a269333fa5c0c8e53c92b5a28a6076a28cde3e83"
        }
      ],
      "title": "net: dsa: fix a crash if -\u003eget_sset_count() fails",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47159",
    "datePublished": "2024-03-25T09:16:13.815Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:33.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47149

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

net: fujitsu: fix potential null-ptr-deref

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6
	https://git.kernel.org/stable/c/6dbf1101594f7c76990b63c35b5a40205a914b6b
	https://git.kernel.org/stable/c/c4f1c23edbe921ab2ecd6140d700e756cd44c5f7
	https://git.kernel.org/stable/c/7883d3895d0fbb0ba9bff0f8665f99974b45210f
	https://git.kernel.org/stable/c/22049c3d40f08facd1867548716a484dad6b3251
	https://git.kernel.org/stable/c/71723a796ab7881f491d663c6cd94b29be5fba50
	https://git.kernel.org/stable/c/f14bf57a08779a5dee9936f63ada0149ea89c5e6
	https://git.kernel.org/stable/c/52202be1cd996cde6e8969a128dc27ee45a7cb5e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47149",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-01T19:41:00.802890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:37.742Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.033Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6dbf1101594f7c76990b63c35b5a40205a914b6b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c4f1c23edbe921ab2ecd6140d700e756cd44c5f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7883d3895d0fbb0ba9bff0f8665f99974b45210f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22049c3d40f08facd1867548716a484dad6b3251"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/71723a796ab7881f491d663c6cd94b29be5fba50"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f14bf57a08779a5dee9936f63ada0149ea89c5e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/52202be1cd996cde6e8969a128dc27ee45a7cb5e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/fujitsu/fmvj18x_cs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b92170e209f7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6dbf1101594f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c4f1c23edbe9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7883d3895d0f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "22049c3d40f0",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "71723a796ab7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f14bf57a0877",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "52202be1cd99",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/fujitsu/fmvj18x_cs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fujitsu: fix potential null-ptr-deref\n\nIn fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer\nderef. To fix this, check the return value of ioremap and return -1\nto the caller in case of failure."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:26.299Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b92170e209f7746ed72eaac98f2c2f4b9af734e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/6dbf1101594f7c76990b63c35b5a40205a914b6b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c4f1c23edbe921ab2ecd6140d700e756cd44c5f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7883d3895d0fbb0ba9bff0f8665f99974b45210f"
        },
        {
          "url": "https://git.kernel.org/stable/c/22049c3d40f08facd1867548716a484dad6b3251"
        },
        {
          "url": "https://git.kernel.org/stable/c/71723a796ab7881f491d663c6cd94b29be5fba50"
        },
        {
          "url": "https://git.kernel.org/stable/c/f14bf57a08779a5dee9936f63ada0149ea89c5e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/52202be1cd996cde6e8969a128dc27ee45a7cb5e"
        }
      ],
      "title": "net: fujitsu: fix potential null-ptr-deref",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47149",
    "datePublished": "2024-03-25T09:07:45.189Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:26.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47166

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e8b8418ce14ae66ee55179901edd12191ab06a9e
	https://git.kernel.org/stable/c/b291baae24f876acd5a5dd57d0bb2bbac8a68b0c
	https://git.kernel.org/stable/c/c757c1f1e65d89429db1409429436cf40d47c008
	https://git.kernel.org/stable/c/40f139a6d50c232c0d1fd1c5e65a845c62db0ede
	https://git.kernel.org/stable/c/785917316b25685c9b3a2a88f933139f2de75e33
	https://git.kernel.org/stable/c/7087db95c0a06ab201b8ebfac6a7ec1e34257997
	https://git.kernel.org/stable/c/2fe1cac336b55a1f79e603e9ce3552c3623e90eb
	https://git.kernel.org/stable/c/0d0ea309357dea0d85a82815f02157eb7fcda39f

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e8b8418ce14ae66ee55179901edd12191ab06a9e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b291baae24f876acd5a5dd57d0bb2bbac8a68b0c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c757c1f1e65d89429db1409429436cf40d47c008"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/40f139a6d50c232c0d1fd1c5e65a845c62db0ede"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/785917316b25685c9b3a2a88f933139f2de75e33"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7087db95c0a06ab201b8ebfac6a7ec1e34257997"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2fe1cac336b55a1f79e603e9ce3552c3623e90eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d0ea309357dea0d85a82815f02157eb7fcda39f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47166",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:41.157060Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:53.540Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pagelist.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e8b8418ce14a",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "b291baae24f8",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "c757c1f1e65d",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "40f139a6d50c",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "785917316b25",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "7087db95c0a0",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "2fe1cac336b5",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            },
            {
              "lessThan": "0d0ea309357d",
              "status": "affected",
              "version": "a7d42ddb3099",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/pagelist.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "lessThan": "4.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Don\u0027t corrupt the value of pg_bytes_written in nfs_do_recoalesce()\n\nThe value of mirror-\u003epg_bytes_written should only be updated after a\nsuccessful attempt to flush out the requests on the list."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:41.598Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e8b8418ce14ae66ee55179901edd12191ab06a9e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b291baae24f876acd5a5dd57d0bb2bbac8a68b0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/c757c1f1e65d89429db1409429436cf40d47c008"
        },
        {
          "url": "https://git.kernel.org/stable/c/40f139a6d50c232c0d1fd1c5e65a845c62db0ede"
        },
        {
          "url": "https://git.kernel.org/stable/c/785917316b25685c9b3a2a88f933139f2de75e33"
        },
        {
          "url": "https://git.kernel.org/stable/c/7087db95c0a06ab201b8ebfac6a7ec1e34257997"
        },
        {
          "url": "https://git.kernel.org/stable/c/2fe1cac336b55a1f79e603e9ce3552c3623e90eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d0ea309357dea0d85a82815f02157eb7fcda39f"
        }
      ],
      "title": "NFS: Don\u0027t corrupt the value of pg_bytes_written in nfs_do_recoalesce()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47166",
    "datePublished": "2024-03-25T09:16:19.133Z",
    "dateReserved": "2024-03-25T09:12:14.110Z",
    "dateUpdated": "2024-11-04T12:00:41.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47137

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-05 16:22

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

net: lantiq: fix memory corruption in RX ring

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d
	https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418
	https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2
	https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "8bb1077448d4",
                "status": "affected",
                "version": "fe1a56420cf2",
                "versionType": "git"
              },
              {
                "lessThan": "5ac72351655f",
                "status": "affected",
                "version": "fe1a56420cf2",
                "versionType": "git"
              },
              {
                "lessThan": "46dd4abced3c",
                "status": "affected",
                "version": "fe1a56420cf2",
                "versionType": "git"
              },
              {
                "lessThan": "c7718ee96dbc",
                "status": "affected",
                "version": "fe1a56420cf2",
                "versionType": "git"
              },
              {
                "status": "affected",
                "version": "4.20"
              },
              {
                "lessThanOrEqual": "4.20",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "5.4*",
                "status": "affected",
                "version": "5.4.124",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "5.10*",
                "status": "affected",
                "version": "5.10.42",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "5.12*",
                "status": "affected",
                "version": "5.12.9",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "5.13",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47137",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T17:15:32.931685Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T16:22:44.933Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/lantiq_xrx200.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8bb1077448d4",
              "status": "affected",
              "version": "fe1a56420cf2",
              "versionType": "git"
            },
            {
              "lessThan": "5ac72351655f",
              "status": "affected",
              "version": "fe1a56420cf2",
              "versionType": "git"
            },
            {
              "lessThan": "46dd4abced3c",
              "status": "affected",
              "version": "fe1a56420cf2",
              "versionType": "git"
            },
            {
              "lessThan": "c7718ee96dbc",
              "status": "affected",
              "version": "fe1a56420cf2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/lantiq_xrx200.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.20"
            },
            {
              "lessThan": "4.20",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lantiq: fix memory corruption in RX ring\n\nIn a situation where memory allocation or dma mapping fails, an\ninvalid address is programmed into the descriptor. This can lead\nto memory corruption. If the memory allocation fails, DMA should\nreuse the previous skb and mapping and drop the packet. This patch\nalso increments rx drop counter."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:11.953Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8bb1077448d43a871ed667520763e3b9f9b7975d"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ac72351655f8b033a2935646f53b7465c903418"
        },
        {
          "url": "https://git.kernel.org/stable/c/46dd4abced3cb2c912916f4a5353e0927db0c4a2"
        },
        {
          "url": "https://git.kernel.org/stable/c/c7718ee96dbc2f9c5fc3b578abdf296dd44b9c20"
        }
      ],
      "title": "net: lantiq: fix memory corruption in RX ring",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47137",
    "datePublished": "2024-03-25T09:07:36.778Z",
    "dateReserved": "2024-03-04T18:12:48.841Z",
    "dateUpdated": "2024-11-05T16:22:44.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47175

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net/sched: fq_pie: fix OOB access in the traffic path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/e6294c06e7c62ffdd5bf3df696d3a4fcbb753d3c
	https://git.kernel.org/stable/c/7a1bdec12e43e29cc34a4394590337069d8812ce
	https://git.kernel.org/stable/c/e70f7a11876a1a788ceadf75e9e5f7af2c868680

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47175",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T18:24:58.134002Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:58.740Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e6294c06e7c62ffdd5bf3df696d3a4fcbb753d3c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7a1bdec12e43e29cc34a4394590337069d8812ce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e70f7a11876a1a788ceadf75e9e5f7af2c868680"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_fq_pie.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e6294c06e7c6",
              "status": "affected",
              "version": "ec97ecf1ebe4",
              "versionType": "git"
            },
            {
              "lessThan": "7a1bdec12e43",
              "status": "affected",
              "version": "ec97ecf1ebe4",
              "versionType": "git"
            },
            {
              "lessThan": "e70f7a11876a",
              "status": "affected",
              "version": "ec97ecf1ebe4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_fq_pie.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fq_pie: fix OOB access in the traffic path\n\nthe following script:\n\n  # tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2\n  # tc qdisc add dev eth0 clsact\n  # tc filter add dev eth0 egress matchall action skbedit priority 0x10002\n  # ping 192.0.2.2 -I eth0 -c2 -w1 -q\n\nproduces the following splat:\n\n BUG: KASAN: slab-out-of-bounds in fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie]\n Read of size 4 at addr ffff888171306924 by task ping/942\n\n CPU: 3 PID: 942 Comm: ping Not tainted 5.12.0+ #441\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n  dump_stack+0x92/0xc1\n  print_address_description.constprop.7+0x1a/0x150\n  kasan_report.cold.13+0x7f/0x111\n  fq_pie_qdisc_enqueue+0x1314/0x19d0 [sch_fq_pie]\n  __dev_queue_xmit+0x1034/0x2b10\n  ip_finish_output2+0xc62/0x2120\n  __ip_finish_output+0x553/0xea0\n  ip_output+0x1ca/0x4d0\n  ip_send_skb+0x37/0xa0\n  raw_sendmsg+0x1c4b/0x2d00\n  sock_sendmsg+0xdb/0x110\n  __sys_sendto+0x1d7/0x2b0\n  __x64_sys_sendto+0xdd/0x1b0\n  do_syscall_64+0x3c/0x80\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7fe69735c3eb\n Code: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 48 8d 05 75 42 2c 00 41 89 ca 8b 00 85 c0 75 14 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 41 57 4d 89 c7 41 56 41 89\n RSP: 002b:00007fff06d7fb38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\n RAX: ffffffffffffffda RBX: 000055e961413700 RCX: 00007fe69735c3eb\n RDX: 0000000000000040 RSI: 000055e961413700 RDI: 0000000000000003\n RBP: 0000000000000040 R08: 000055e961410500 R09: 0000000000000010\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff06d81260\n R13: 00007fff06d7fb40 R14: 00007fff06d7fc30 R15: 000055e96140f0a0\n\n Allocated by task 917:\n  kasan_save_stack+0x19/0x40\n  __kasan_kmalloc+0x7f/0xa0\n  __kmalloc_node+0x139/0x280\n  fq_pie_init+0x555/0x8e8 [sch_fq_pie]\n  qdisc_create+0x407/0x11b0\n  tc_modify_qdisc+0x3c2/0x17e0\n  rtnetlink_rcv_msg+0x346/0x8e0\n  netlink_rcv_skb+0x120/0x380\n  netlink_unicast+0x439/0x630\n  netlink_sendmsg+0x719/0xbf0\n  sock_sendmsg+0xe2/0x110\n  ____sys_sendmsg+0x5ba/0x890\n  ___sys_sendmsg+0xe9/0x160\n  __sys_sendmsg+0xd3/0x170\n  do_syscall_64+0x3c/0x80\n  entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n The buggy address belongs to the object at ffff888171306800\n  which belongs to the cache kmalloc-256 of size 256\n The buggy address is located 36 bytes to the right of\n  256-byte region [ffff888171306800, ffff888171306900)\n The buggy address belongs to the page:\n page:00000000bcfb624e refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x171306\n head:00000000bcfb624e order:1 compound_mapcount:0\n flags: 0x17ffffc0010200(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\n raw: 0017ffffc0010200 dead000000000100 dead000000000122 ffff888100042b40\n raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n  ffff888171306800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n  ffff888171306880: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc\n \u003effff888171306900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n                                ^\n  ffff888171306980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n  ffff888171306a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\nfix fq_pie traffic path to avoid selecting \u0027q-\u003eflows + q-\u003eflows_cnt\u0027 as a\nvalid flow: it\u0027s an address beyond the allocated memory."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:52.152Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e6294c06e7c62ffdd5bf3df696d3a4fcbb753d3c"
        },
        {
          "url": "https://git.kernel.org/stable/c/7a1bdec12e43e29cc34a4394590337069d8812ce"
        },
        {
          "url": "https://git.kernel.org/stable/c/e70f7a11876a1a788ceadf75e9e5f7af2c868680"
        }
      ],
      "title": "net/sched: fq_pie: fix OOB access in the traffic path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47175",
    "datePublished": "2024-03-25T09:16:25.995Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:52.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47158

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net: dsa: sja1105: add error handling in sja1105_setup()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0
	https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563
	https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.943Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47158",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:47.842191Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:55.376Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/sja1105/sja1105_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dd8609f20344",
              "status": "affected",
              "version": "8aa9ebccae87",
              "versionType": "git"
            },
            {
              "lessThan": "987e4ab8b8a4",
              "status": "affected",
              "version": "8aa9ebccae87",
              "versionType": "git"
            },
            {
              "lessThan": "cec279a898a3",
              "status": "affected",
              "version": "8aa9ebccae87",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/sja1105/sja1105_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "lessThan": "5.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: add error handling in sja1105_setup()\n\nIf any of sja1105_static_config_load(), sja1105_clocking_setup() or\nsja1105_devlink_setup() fails, we can\u0027t just return in the middle of\nsja1105_setup() or memory will leak. Add a cleanup path."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:32.249Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563"
        },
        {
          "url": "https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb"
        }
      ],
      "title": "net: dsa: sja1105: add error handling in sja1105_setup()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47158",
    "datePublished": "2024-03-25T09:16:13.087Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:32.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47151

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

interconnect: qcom: bcm-voter: add a missing of_node_put()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4e3cea8035b6f1b9055e69cc6ebf9fa4e50763ae
	https://git.kernel.org/stable/c/93d1dbe7043b3c9492bdf396b2e98a008435b55b
	https://git.kernel.org/stable/c/a00593737f8bac2c9e97b696e7ff84a4446653e8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47151",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T18:17:17.412413Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:54.294Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.950Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e3cea8035b6f1b9055e69cc6ebf9fa4e50763ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93d1dbe7043b3c9492bdf396b2e98a008435b55b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a00593737f8bac2c9e97b696e7ff84a4446653e8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/interconnect/qcom/bcm-voter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4e3cea8035b6",
              "status": "affected",
              "version": "976daac4a1c5",
              "versionType": "git"
            },
            {
              "lessThan": "93d1dbe7043b",
              "status": "affected",
              "version": "976daac4a1c5",
              "versionType": "git"
            },
            {
              "lessThan": "a00593737f8b",
              "status": "affected",
              "version": "976daac4a1c5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/interconnect/qcom/bcm-voter.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: qcom: bcm-voter: add a missing of_node_put()\n\nAdd a missing of_node_put() in of_bcm_voter_get() to avoid the\nreference leak."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:28.692Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4e3cea8035b6f1b9055e69cc6ebf9fa4e50763ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/93d1dbe7043b3c9492bdf396b2e98a008435b55b"
        },
        {
          "url": "https://git.kernel.org/stable/c/a00593737f8bac2c9e97b696e7ff84a4446653e8"
        }
      ],
      "title": "interconnect: qcom: bcm-voter: add a missing of_node_put()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47151",
    "datePublished": "2024-03-25T09:07:46.508Z",
    "dateReserved": "2024-03-04T18:12:48.846Z",
    "dateUpdated": "2024-11-04T12:00:28.692Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47150

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

net: fec: fix the potential memory leak in fec_enet_init()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f
	https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a
	https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd
	https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f
	https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47150",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T18:23:57.615940Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:24.195Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/freescale/fec_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "15102886bc8f",
              "status": "affected",
              "version": "59d0f7465644",
              "versionType": "git"
            },
            {
              "lessThan": "20255d41ac56",
              "status": "affected",
              "version": "59d0f7465644",
              "versionType": "git"
            },
            {
              "lessThan": "8ee7ef4a57a9",
              "status": "affected",
              "version": "59d0f7465644",
              "versionType": "git"
            },
            {
              "lessThan": "32a1777fd113",
              "status": "affected",
              "version": "59d0f7465644",
              "versionType": "git"
            },
            {
              "lessThan": "619fee9eb13b",
              "status": "affected",
              "version": "59d0f7465644",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/freescale/fec_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.18"
            },
            {
              "lessThan": "3.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: fix the potential memory leak in fec_enet_init()\n\nIf the memory allocated for cbd_base is failed, it should\nfree the memory allocated for the queues, otherwise it causes\nmemory leak.\n\nAnd if the memory allocated for the queues is failed, it can\nreturn error directly."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:27.542Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd"
        },
        {
          "url": "https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f"
        },
        {
          "url": "https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8"
        }
      ],
      "title": "net: fec: fix the potential memory leak in fec_enet_init()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47150",
    "datePublished": "2024-03-25T09:07:45.875Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:27.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47142

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

drm/amdgpu: Fix a use-after-free

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d
	https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a
	https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122
	https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17
	https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e
	https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276
	https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa
	https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47142",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:00.553933Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:15.288Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0707c3fea810",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "3293cf3513d6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "952ab3f9f48e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "a849e218556f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7398c2aab4da",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "f98cdf084405",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d4ea141fd4b4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1e5c37385097",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm-\u003esg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751]  sg_free_table+0x17/0x20\n[ 1235.995667]  amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288]  amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464]  ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066]  ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783]  ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547]  ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766]  amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809]  amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400]  kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912]  kfd_ioctl+0x463/0x690 [amdgpu]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:17.908Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a"
        },
        {
          "url": "https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122"
        },
        {
          "url": "https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17"
        },
        {
          "url": "https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276"
        },
        {
          "url": "https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa"
        },
        {
          "url": "https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2"
        }
      ],
      "title": "drm/amdgpu: Fix a use-after-free",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47142",
    "datePublished": "2024-03-25T09:07:40.374Z",
    "dateReserved": "2024-03-04T18:12:48.842Z",
    "dateUpdated": "2024-11-04T12:00:17.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47174

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b1f45a26bd322525c14edd9504f6d46dfad679a4
	https://git.kernel.org/stable/c/727a2b4fc951ee69847d4904d98961856ea9fbe6
	https://git.kernel.org/stable/c/f0b3d338064e1fe7531f0d2977e35f3b334abfb4

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47174",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-01T19:42:11.415167Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:26.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b1f45a26bd322525c14edd9504f6d46dfad679a4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/727a2b4fc951ee69847d4904d98961856ea9fbe6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f0b3d338064e1fe7531f0d2977e35f3b334abfb4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_set_pipapo.c",
            "net/netfilter/nft_set_pipapo.h",
            "net/netfilter/nft_set_pipapo_avx2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b1f45a26bd32",
              "status": "affected",
              "version": "7400b063969b",
              "versionType": "git"
            },
            {
              "lessThan": "727a2b4fc951",
              "status": "affected",
              "version": "7400b063969b",
              "versionType": "git"
            },
            {
              "lessThan": "f0b3d338064e",
              "status": "affected",
              "version": "7400b063969b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/nft_set_pipapo.c",
            "net/netfilter/nft_set_pipapo.h",
            "net/netfilter/nft_set_pipapo_avx2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version\n\nArturo reported this backtrace:\n\n[709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_begin_mask+0xae/0xe0\n[709732.358793] Modules linked in: binfmt_misc nft_nat nft_chain_nat nf_nat nft_counter nft_ct nf_tables nf_conntrack_netlink nfnetlink 8021q garp stp mrp llc vrf intel_rapl_msr intel_rapl_common skx_edac nfit libnvdimm ipmi_ssif x86_pkg_temp_thermal intel_powerclamp coretemp crc32_pclmul mgag200 ghash_clmulni_intel drm_kms_helper cec aesni_intel drm libaes crypto_simd cryptd glue_helper mei_me dell_smbios iTCO_wdt evdev intel_pmc_bxt iTCO_vendor_support dcdbas pcspkr rapl dell_wmi_descriptor wmi_bmof sg i2c_algo_bit watchdog mei acpi_ipmi ipmi_si button nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ipmi_devintf ipmi_msghandler ip_tables x_tables autofs4 ext4 crc16 mbcache jbd2 dm_mod raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor sd_mod t10_pi crc_t10dif crct10dif_generic raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod ahci libahci tg3 libata xhci_pci libphy xhci_hcd ptp usbcore crct10dif_pclmul crct10dif_common bnxt_en crc32c_intel scsi_mod\n[709732.358941]  pps_core i2c_i801 lpc_ich i2c_smbus wmi usb_common\n[709732.358957] CPU: 3 PID: 456 Comm: jbd2/dm-0-8 Not tainted 5.10.0-0.bpo.5-amd64 #1 Debian 5.10.24-1~bpo10+1\n[709732.358959] Hardware name: Dell Inc. PowerEdge R440/04JN2K, BIOS 2.9.3 09/23/2020\n[709732.358964] RIP: 0010:kernel_fpu_begin_mask+0xae/0xe0\n[709732.358969] Code: ae 54 24 04 83 e3 01 75 38 48 8b 44 24 08 65 48 33 04 25 28 00 00 00 75 33 48 83 c4 10 5b c3 65 8a 05 5e 21 5e 76 84 c0 74 92 \u003c0f\u003e 0b eb 8e f0 80 4f 01 40 48 81 c7 00 14 00 00 e8 dd fb ff ff eb\n[709732.358972] RSP: 0018:ffffbb9700304740 EFLAGS: 00010202\n[709732.358976] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000000001\n[709732.358979] RDX: ffffbb9700304970 RSI: ffff922fe1952e00 RDI: 0000000000000003\n[709732.358981] RBP: ffffbb9700304970 R08: ffff922fc868a600 R09: ffff922fc711e462\n[709732.358984] R10: 000000000000005f R11: ffff922ff0b27180 R12: ffffbb9700304960\n[709732.358987] R13: ffffbb9700304b08 R14: ffff922fc664b6c8 R15: ffff922fc664b660\n[709732.358990] FS:  0000000000000000(0000) GS:ffff92371fec0000(0000) knlGS:0000000000000000\n[709732.358993] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[709732.358996] CR2: 0000557a6655bdd0 CR3: 000000026020a001 CR4: 00000000007706e0\n[709732.358999] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[709732.359001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[709732.359003] PKRU: 55555554\n[709732.359005] Call Trace:\n[709732.359009]  \u003cIRQ\u003e\n[709732.359035]  nft_pipapo_avx2_lookup+0x4c/0x1cba [nf_tables]\n[709732.359046]  ? sched_clock+0x5/0x10\n[709732.359054]  ? sched_clock_cpu+0xc/0xb0\n[709732.359061]  ? record_times+0x16/0x80\n[709732.359068]  ? plist_add+0xc1/0x100\n[709732.359073]  ? psi_group_change+0x47/0x230\n[709732.359079]  ? skb_clone+0x4d/0xb0\n[709732.359085]  ? enqueue_task_rt+0x22b/0x310\n[709732.359098]  ? bnxt_start_xmit+0x1e8/0xaf0 [bnxt_en]\n[709732.359102]  ? packet_rcv+0x40/0x4a0\n[709732.359121]  nft_lookup_eval+0x59/0x160 [nf_tables]\n[709732.359133]  nft_do_chain+0x350/0x500 [nf_tables]\n[709732.359152]  ? nft_lookup_eval+0x59/0x160 [nf_tables]\n[709732.359163]  ? nft_do_chain+0x364/0x500 [nf_tables]\n[709732.359172]  ? fib4_rule_action+0x6d/0x80\n[709732.359178]  ? fib_rules_lookup+0x107/0x250\n[709732.359184]  nft_nat_do_chain+0x8a/0xf2 [nft_chain_nat]\n[709732.359193]  nf_nat_inet_fn+0xea/0x210 [nf_nat]\n[709732.359202]  nf_nat_ipv4_out+0x14/0xa0 [nf_nat]\n[709732.359207]  nf_hook_slow+0x44/0xc0\n[709732.359214]  ip_output+0xd2/0x100\n[709732.359221]  ? __ip_finish_output+0x210/0x210\n[709732.359226]  ip_forward+0x37d/0x4a0\n[709732.359232]  ? ip4_key_hashfn+0xb0/0xb0\n[709732.359238]  ip_subli\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:51.006Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b1f45a26bd322525c14edd9504f6d46dfad679a4"
        },
        {
          "url": "https://git.kernel.org/stable/c/727a2b4fc951ee69847d4904d98961856ea9fbe6"
        },
        {
          "url": "https://git.kernel.org/stable/c/f0b3d338064e1fe7531f0d2977e35f3b334abfb4"
        }
      ],
      "title": "netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47174",
    "datePublished": "2024-03-25T09:16:25.273Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:51.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47180

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

NFC: nci: fix memory leak in nci_allocate_device

References

▼	URL	Tags
	https://git.kernel.org/stable/c/448a1cb12977f52142e6feb12022c59662d88dc1
	https://git.kernel.org/stable/c/4a621621c7af3cec21c47c349b30cd9c3cea11c8
	https://git.kernel.org/stable/c/2c2fb2df46ea866b49fea5ec7112ec3cd4896c74
	https://git.kernel.org/stable/c/0365701bc44e078682ee1224866a71897495c7ef
	https://git.kernel.org/stable/c/af2a4426baf71163c0c354580ae98c7888a9aba7
	https://git.kernel.org/stable/c/b34cb7ac32cc8e5471dc773180ea9ae676b1a745
	https://git.kernel.org/stable/c/65234f50a90b64b335cbb9164b8a98c2a0d031dd
	https://git.kernel.org/stable/c/e0652f8bb44d6294eeeac06d703185357f25d50b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47180",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T13:48:55.834173Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:05.970Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/448a1cb12977f52142e6feb12022c59662d88dc1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4a621621c7af3cec21c47c349b30cd9c3cea11c8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c2fb2df46ea866b49fea5ec7112ec3cd4896c74"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0365701bc44e078682ee1224866a71897495c7ef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/af2a4426baf71163c0c354580ae98c7888a9aba7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b34cb7ac32cc8e5471dc773180ea9ae676b1a745"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/65234f50a90b64b335cbb9164b8a98c2a0d031dd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e0652f8bb44d6294eeeac06d703185357f25d50b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/nfc/nci_core.h",
            "net/nfc/nci/core.c",
            "net/nfc/nci/hci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "448a1cb12977",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "4a621621c7af",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "2c2fb2df46ea",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "0365701bc44e",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "af2a4426baf7",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "b34cb7ac32cc",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "65234f50a90b",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            },
            {
              "lessThan": "e0652f8bb44d",
              "status": "affected",
              "version": "11f54f228643",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/nfc/nci_core.h",
            "net/nfc/nci/core.c",
            "net/nfc/nci/hci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.0"
            },
            {
              "lessThan": "4.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.123",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.41",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: fix memory leak in nci_allocate_device\n\nnfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.\nFix this by freeing hci_dev in nci_free_device.\n\nBUG: memory leak\nunreferenced object 0xffff888111ea6800 (size 1024):\n  comm \"kworker/1:0\", pid 19, jiffies 4294942308 (age 13.580s)\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 60 fd 0c 81 88 ff ff  .........`......\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003c000000004bc25d43\u003e] kmalloc include/linux/slab.h:552 [inline]\n    [\u003c000000004bc25d43\u003e] kzalloc include/linux/slab.h:682 [inline]\n    [\u003c000000004bc25d43\u003e] nci_hci_allocate+0x21/0xd0 net/nfc/nci/hci.c:784\n    [\u003c00000000c59cff92\u003e] nci_allocate_device net/nfc/nci/core.c:1170 [inline]\n    [\u003c00000000c59cff92\u003e] nci_allocate_device+0x10b/0x160 net/nfc/nci/core.c:1132\n    [\u003c00000000006e0a8e\u003e] nfcmrvl_nci_register_dev+0x10a/0x1c0 drivers/nfc/nfcmrvl/main.c:153\n    [\u003c000000004da1b57e\u003e] nfcmrvl_probe+0x223/0x290 drivers/nfc/nfcmrvl/usb.c:345\n    [\u003c00000000d506aed9\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n    [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554\n    [\u003c00000000f5009125\u003e] driver_probe_device+0x84/0x100 drivers/base/dd.c:740\n    [\u003c000000000ce658ca\u003e] __device_attach_driver+0xee/0x110 drivers/base/dd.c:846\n    [\u003c000000007067d05f\u003e] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:431\n    [\u003c00000000f8e13372\u003e] __device_attach+0x122/0x250 drivers/base/dd.c:914\n    [\u003c000000009cf68860\u003e] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:491\n    [\u003c00000000359c965a\u003e] device_add+0x5be/0xc30 drivers/base/core.c:3109\n    [\u003c00000000086e4bd3\u003e] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2164\n    [\u003c00000000ca036872\u003e] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n    [\u003c00000000d40d36f6\u003e] usb_probe_device+0x5c/0x140 drivers/usb/core/driver.c:293\n    [\u003c00000000bc632c92\u003e] really_probe+0x159/0x4a0 drivers/base/dd.c:554"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:56.799Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/448a1cb12977f52142e6feb12022c59662d88dc1"
        },
        {
          "url": "https://git.kernel.org/stable/c/4a621621c7af3cec21c47c349b30cd9c3cea11c8"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c2fb2df46ea866b49fea5ec7112ec3cd4896c74"
        },
        {
          "url": "https://git.kernel.org/stable/c/0365701bc44e078682ee1224866a71897495c7ef"
        },
        {
          "url": "https://git.kernel.org/stable/c/af2a4426baf71163c0c354580ae98c7888a9aba7"
        },
        {
          "url": "https://git.kernel.org/stable/c/b34cb7ac32cc8e5471dc773180ea9ae676b1a745"
        },
        {
          "url": "https://git.kernel.org/stable/c/65234f50a90b64b335cbb9164b8a98c2a0d031dd"
        },
        {
          "url": "https://git.kernel.org/stable/c/e0652f8bb44d6294eeeac06d703185357f25d50b"
        }
      ],
      "title": "NFC: nci: fix memory leak in nci_allocate_device",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47180",
    "datePublished": "2024-03-25T09:16:29.580Z",
    "dateReserved": "2024-03-25T09:12:14.112Z",
    "dateUpdated": "2024-11-04T12:00:56.799Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47143

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

net/smc: remove device from smcd_dev_list after failed device_add()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8b2cdc004d21a7255f219706dca64411108f7897
	https://git.kernel.org/stable/c/40588782f1016c655ae1d302892f61d35af96842
	https://git.kernel.org/stable/c/444d7be9532dcfda8e0385226c862fd7e986f607

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.199Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8b2cdc004d21a7255f219706dca64411108f7897"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/40588782f1016c655ae1d302892f61d35af96842"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/444d7be9532dcfda8e0385226c862fd7e986f607"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47143",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:57.413915Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:14.760Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_ism.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8b2cdc004d21",
              "status": "affected",
              "version": "c6ba7c9ba43d",
              "versionType": "git"
            },
            {
              "lessThan": "40588782f101",
              "status": "affected",
              "version": "c6ba7c9ba43d",
              "versionType": "git"
            },
            {
              "lessThan": "444d7be9532d",
              "status": "affected",
              "version": "c6ba7c9ba43d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/smc/smc_ism.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.19"
            },
            {
              "lessThan": "4.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: remove device from smcd_dev_list after failed device_add()\n\nIf the device_add() for a smcd_dev fails, there\u0027s no cleanup step that\nrolls back the earlier list_add(). The device subsequently gets freed,\nand we end up with a corrupted list.\n\nAdd some error handling that removes the device from the list."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:19.081Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8b2cdc004d21a7255f219706dca64411108f7897"
        },
        {
          "url": "https://git.kernel.org/stable/c/40588782f1016c655ae1d302892f61d35af96842"
        },
        {
          "url": "https://git.kernel.org/stable/c/444d7be9532dcfda8e0385226c862fd7e986f607"
        }
      ],
      "title": "net/smc: remove device from smcd_dev_list after failed device_add()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47143",
    "datePublished": "2024-03-25T09:07:41.075Z",
    "dateReserved": "2024-03-04T18:12:48.844Z",
    "dateUpdated": "2024-11-04T12:00:19.081Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47168

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

NFS: fix an incorrect limit in filelayout_decode_layout()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040
	https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1
	https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714
	https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a
	https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1
	https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e
	https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84
	https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47168",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:34.857777Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:52.333Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/filelayout/filelayout.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9d280ab53df1",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "b287521e9e94",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "f299522eda15",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "945ebef99722",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "e411df81cd86",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "9b367fe770b1",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "d34fb628f6ef",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            },
            {
              "lessThan": "769b01ea68b6",
              "status": "affected",
              "version": "16b374ca439f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/filelayout/filelayout.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.37"
            },
            {
              "lessThan": "2.6.37",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix an incorrect limit in filelayout_decode_layout()\n\nThe \"sizeof(struct nfs_fh)\" is two bytes too large and could lead to\nmemory corruption.  It should be NFS_MAXFHSIZE because that\u0027s the size\nof the -\u003edata[] buffer.\n\nI reversed the size of the arguments to put the variable on the left."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:43.949Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9d280ab53df1d4a1043bd7a9e7c6a2f9cfbfe040"
        },
        {
          "url": "https://git.kernel.org/stable/c/b287521e9e94bb342ebe5fd8c3fd7db9aef4e6f1"
        },
        {
          "url": "https://git.kernel.org/stable/c/f299522eda1566cbfbae4b15c82970fc41b03714"
        },
        {
          "url": "https://git.kernel.org/stable/c/945ebef997227ca8c20bad7f8a8358c8ee57a84a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e411df81cd862ef3d5b878120b2a2fef0ca9cdb1"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b367fe770b1b80d7bf64ed0d177544a44405f6e"
        },
        {
          "url": "https://git.kernel.org/stable/c/d34fb628f6ef522f996205a9e578216bbee09e84"
        },
        {
          "url": "https://git.kernel.org/stable/c/769b01ea68b6c49dc3cde6adf7e53927dacbd3a8"
        }
      ],
      "title": "NFS: fix an incorrect limit in filelayout_decode_layout()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47168",
    "datePublished": "2024-03-25T09:16:20.778Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:43.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47164

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net/mlx5e: Fix null deref accessing lag dev

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2e4b0b95a489259f9d35a3db17023061f8f3d587
	https://git.kernel.org/stable/c/bdfd3593a8248eea6ecfcbf7b47b56b86515672d
	https://git.kernel.org/stable/c/83026d83186bc48bb41ee4872f339b83f31dfc55

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47164",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T18:24:43.257372Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:45.571Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.229Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2e4b0b95a489259f9d35a3db17023061f8f3d587"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bdfd3593a8248eea6ecfcbf7b47b56b86515672d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/83026d83186bc48bb41ee4872f339b83f31dfc55"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2e4b0b95a489",
              "status": "affected",
              "version": "7e51891a237f",
              "versionType": "git"
            },
            {
              "lessThan": "bdfd3593a824",
              "status": "affected",
              "version": "7e51891a237f",
              "versionType": "git"
            },
            {
              "lessThan": "83026d83186b",
              "status": "affected",
              "version": "7e51891a237f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/rep/bond.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix null deref accessing lag dev\n\nIt could be the lag dev is null so stop processing the event.\nIn bond_enslave() the active/backup slave being set before setting the\nupper dev so first event is without an upper dev.\nAfter setting the upper dev with bond_master_upper_dev_link() there is\na second event and in that event we have an upper dev."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:39.253Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2e4b0b95a489259f9d35a3db17023061f8f3d587"
        },
        {
          "url": "https://git.kernel.org/stable/c/bdfd3593a8248eea6ecfcbf7b47b56b86515672d"
        },
        {
          "url": "https://git.kernel.org/stable/c/83026d83186bc48bb41ee4872f339b83f31dfc55"
        }
      ],
      "title": "net/mlx5e: Fix null deref accessing lag dev",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47164",
    "datePublished": "2024-03-25T09:16:17.592Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:39.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47169

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'

References

▼	URL	Tags
	https://git.kernel.org/stable/c/1e04d5d5fe5e76af68f834e1941fcbfa439653be
	https://git.kernel.org/stable/c/c697244ce940ec07e2d745ccb63ca97fc0266fbc
	https://git.kernel.org/stable/c/1cc57cb32c84e059bd158494f746b665fc14d1b1
	https://git.kernel.org/stable/c/35265552c7fe9553c75e324c80f45e28ff14eb6e
	https://git.kernel.org/stable/c/915452f40e2f495e187276c4407a4f567ec2307e
	https://git.kernel.org/stable/c/6a931ceb0b9401fe18d0c500e08164bf9cc7be4b
	https://git.kernel.org/stable/c/9b07b6973f7359e2dd6a9fe6db0c142634c823b7
	https://git.kernel.org/stable/c/016002848c82eeb5d460489ce392d91fe18c475c

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47169",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T15:14:46.131045Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:26.856Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1e04d5d5fe5e76af68f834e1941fcbfa439653be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c697244ce940ec07e2d745ccb63ca97fc0266fbc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1cc57cb32c84e059bd158494f746b665fc14d1b1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/35265552c7fe9553c75e324c80f45e28ff14eb6e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/915452f40e2f495e187276c4407a4f567ec2307e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6a931ceb0b9401fe18d0c500e08164bf9cc7be4b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9b07b6973f7359e2dd6a9fe6db0c142634c823b7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/016002848c82eeb5d460489ce392d91fe18c475c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/rp2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1e04d5d5fe5e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c697244ce940",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "1cc57cb32c84",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "35265552c7fe",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "915452f40e2f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6a931ceb0b94",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9b07b6973f73",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "016002848c82",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/rp2.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: rp2: use \u0027request_firmware\u0027 instead of \u0027request_firmware_nowait\u0027\n\nIn \u0027rp2_probe\u0027, the driver registers \u0027rp2_uart_interrupt\u0027 then calls\n\u0027rp2_fw_cb\u0027 through \u0027request_firmware_nowait\u0027. In \u0027rp2_fw_cb\u0027, if the\nfirmware don\u0027t exists, function just return without initializing ports\nof \u0027rp2_card\u0027. But now the interrupt handler function has been\nregistered, and when an interrupt comes, \u0027rp2_uart_interrupt\u0027 may access\nthose ports then causing NULL pointer dereference or other bugs.\n\nBecause the driver does some initialization work in \u0027rp2_fw_cb\u0027, in\norder to make the driver ready to handle interrupts, \u0027request_firmware\u0027\nshould be used instead of asynchronous \u0027request_firmware_nowait\u0027.\n\nThis report reveals it:\n\nINFO: trying to register non-static key.\nthe code is fine but needs lockdep annotation.\nturning off the locking correctness validator.\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xec/0x156 lib/dump_stack.c:118\n assign_lock_key kernel/locking/lockdep.c:727 [inline]\n register_lock_class+0x14e5/0x1ba0 kernel/locking/lockdep.c:753\n __lock_acquire+0x187/0x3750 kernel/locking/lockdep.c:3303\n lock_acquire+0x124/0x340 kernel/locking/lockdep.c:3907\n __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]\n _raw_spin_lock+0x32/0x50 kernel/locking/spinlock.c:144\n spin_lock include/linux/spinlock.h:329 [inline]\n rp2_ch_interrupt drivers/tty/serial/rp2.c:466 [inline]\n rp2_asic_interrupt.isra.9+0x15d/0x990 drivers/tty/serial/rp2.c:493\n rp2_uart_interrupt+0x49/0xe0 drivers/tty/serial/rp2.c:504\n __handle_irq_event_percpu+0xfb/0x770 kernel/irq/handle.c:149\n handle_irq_event_percpu+0x79/0x150 kernel/irq/handle.c:189\n handle_irq_event+0xac/0x140 kernel/irq/handle.c:206\n handle_fasteoi_irq+0x232/0x5c0 kernel/irq/chip.c:725\n generic_handle_irq_desc include/linux/irqdesc.h:155 [inline]\n handle_irq+0x230/0x3a0 arch/x86/kernel/irq_64.c:87\n do_IRQ+0xa7/0x1e0 arch/x86/kernel/irq.c:247\n common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:670\n \u003c/IRQ\u003e\nRIP: 0010:native_safe_halt+0x28/0x30 arch/x86/include/asm/irqflags.h:61\nCode: 00 00 55 be 04 00 00 00 48 c7 c7 00 c2 2f 8c 48 89 e5 e8 fb 31 e7 f8\n8b 05 75 af 8d 03 85 c0 7e 07 0f 00 2d 8a 61 65 00 fb f4 \u003c5d\u003e c3 90 90 90\n90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41\nRSP: 0018:ffff88806b71fcc8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffde\nRAX: 0000000000000000 RBX: ffffffff8bde7e48 RCX: ffffffff88a21285\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8c2fc200\nRBP: ffff88806b71fcc8 R08: fffffbfff185f840 R09: fffffbfff185f840\nR10: 0000000000000001 R11: fffffbfff185f840 R12: 0000000000000002\nR13: ffffffff8bea18a0 R14: 0000000000000000 R15: 0000000000000000\n arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline]\n default_idle+0x6f/0x360 arch/x86/kernel/process.c:557\n arch_cpu_idle+0xf/0x20 arch/x86/kernel/process.c:548\n default_idle_call+0x3b/0x60 kernel/sched/idle.c:93\n cpuidle_idle_call kernel/sched/idle.c:153 [inline]\n do_idle+0x2ab/0x3c0 kernel/sched/idle.c:263\n cpu_startup_entry+0xcb/0xe0 kernel/sched/idle.c:369\n start_secondary+0x3b8/0x4e0 arch/x86/kernel/smpboot.c:271\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 8000000056d27067 P4D 8000000056d27067 PUD 56d28067 PMD 0\nOops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.19.177-gdba4159c14ef-dirty #45\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-\ngc9ba5276e321-prebuilt.qemu.org 04/01/2014\nRIP: 0010:readl arch/x86/include/asm/io.h:59 [inline]\nRIP: 0010:rp2_ch_interrupt drivers/tty/serial/rp2.c:472 [inline]\nRIP: 0010:rp2_asic_interrupt.isra.9+0x181/0x990 drivers/tty/serial/rp2.c:\n493\nCo\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:45.155Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1e04d5d5fe5e76af68f834e1941fcbfa439653be"
        },
        {
          "url": "https://git.kernel.org/stable/c/c697244ce940ec07e2d745ccb63ca97fc0266fbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/1cc57cb32c84e059bd158494f746b665fc14d1b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/35265552c7fe9553c75e324c80f45e28ff14eb6e"
        },
        {
          "url": "https://git.kernel.org/stable/c/915452f40e2f495e187276c4407a4f567ec2307e"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a931ceb0b9401fe18d0c500e08164bf9cc7be4b"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b07b6973f7359e2dd6a9fe6db0c142634c823b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/016002848c82eeb5d460489ce392d91fe18c475c"
        }
      ],
      "title": "serial: rp2: use \u0027request_firmware\u0027 instead of \u0027request_firmware_nowait\u0027",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47169",
    "datePublished": "2024-03-25T09:16:21.589Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:45.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47177

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

iommu/vt-d: Fix sysfs leak in alloc_iommu()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/22da9f4978381a99f1abaeaf6c9b83be6ab5ddd8
	https://git.kernel.org/stable/c/2ec5e9bb6b0560c90d315559c28a99723c80b996
	https://git.kernel.org/stable/c/044bbe8b92ab4e542de7f6c93c88ea65cccd8e29
	https://git.kernel.org/stable/c/f01134321d04f47c718bb41b799bcdeda27873d2
	https://git.kernel.org/stable/c/ca466561eef36d1ec657673e3944eb6340bddb5b
	https://git.kernel.org/stable/c/0ee74d5a48635c848c20f152d0d488bf84641304

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.204Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22da9f4978381a99f1abaeaf6c9b83be6ab5ddd8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2ec5e9bb6b0560c90d315559c28a99723c80b996"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/044bbe8b92ab4e542de7f6c93c88ea65cccd8e29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f01134321d04f47c718bb41b799bcdeda27873d2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca466561eef36d1ec657673e3944eb6340bddb5b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0ee74d5a48635c848c20f152d0d488bf84641304"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47177",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:24.969003Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:50.758Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/intel/dmar.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "22da9f497838",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            },
            {
              "lessThan": "2ec5e9bb6b05",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            },
            {
              "lessThan": "044bbe8b92ab",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            },
            {
              "lessThan": "f01134321d04",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            },
            {
              "lessThan": "ca466561eef3",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            },
            {
              "lessThan": "0ee74d5a4863",
              "status": "affected",
              "version": "39ab9555c241",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/intel/dmar.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix sysfs leak in alloc_iommu()\n\niommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent\nerrors."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:54.433Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/22da9f4978381a99f1abaeaf6c9b83be6ab5ddd8"
        },
        {
          "url": "https://git.kernel.org/stable/c/2ec5e9bb6b0560c90d315559c28a99723c80b996"
        },
        {
          "url": "https://git.kernel.org/stable/c/044bbe8b92ab4e542de7f6c93c88ea65cccd8e29"
        },
        {
          "url": "https://git.kernel.org/stable/c/f01134321d04f47c718bb41b799bcdeda27873d2"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca466561eef36d1ec657673e3944eb6340bddb5b"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ee74d5a48635c848c20f152d0d488bf84641304"
        }
      ],
      "title": "iommu/vt-d: Fix sysfs leak in alloc_iommu()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47177",
    "datePublished": "2024-03-25T09:16:27.371Z",
    "dateReserved": "2024-03-25T09:12:14.112Z",
    "dateUpdated": "2024-11-04T12:00:54.433Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47162

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

tipc: skb_linearize the head skb when reassembling msgs

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b
	https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c
	https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e
	https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf
	https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966
	https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c
	https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8
	https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47162",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T20:36:04.317335Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T20:36:12.629Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/msg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b2c8d28c34b3",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "5489f30bb78f",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "436d650d3743",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "4b1761898861",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "64d17ec9f1de",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "6da24cfc83ba",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "ace300eecbcc",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            },
            {
              "lessThan": "b7df21cf1b79",
              "status": "affected",
              "version": "45c8b7b175ce",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/msg.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n  [] kernel BUG at net/core/skbuff.c:1970!\n  [] Call Trace:\n  []  skb_clone+0x4d/0xb0\n  []  macvlan_broadcast+0xd8/0x160 [macvlan]\n  []  macvlan_process_broadcast+0x148/0x150 [macvlan]\n  []  process_one_work+0x1a7/0x360\n  []  worker_thread+0x30/0x390\n\n  [] kernel BUG at mm/usercopy.c:102!\n  [] Call Trace:\n  []  __check_heap_object+0xd3/0x100\n  []  __check_object_size+0xff/0x16b\n  []  simple_copy_to_iter+0x1c/0x30\n  []  __skb_datagram_iter+0x7d/0x310\n  []  __skb_datagram_iter+0x2a5/0x310\n  []  skb_copy_datagram_iter+0x3b/0x90\n  []  tipc_recvmsg+0x14a/0x3a0 [tipc]\n  []  ____sys_recvmsg+0x91/0x150\n  []  ___sys_recvmsg+0x7b/0xc0\n\n  [] kernel BUG at mm/slub.c:305!\n  [] Call Trace:\n  []  \u003cIRQ\u003e\n  []  kmem_cache_free+0x3ff/0x400\n  []  __netif_receive_skb_core+0x12c/0xc40\n  []  ? kmem_cache_alloc+0x12e/0x270\n  []  netif_receive_skb_internal+0x3d/0xb0\n  []  ? get_rx_page_info+0x8e/0xa0 [be2net]\n  []  be_poll+0x6ef/0xd00 [be2net]\n  []  ? irq_exit+0x4f/0x100\n  []  net_rx_action+0x149/0x3b0\n\n  ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:36.938Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b2c8d28c34b3070407cb1741f9ba3f15d0284b8b"
        },
        {
          "url": "https://git.kernel.org/stable/c/5489f30bb78ff0dafb4229a69632afc2ba20765c"
        },
        {
          "url": "https://git.kernel.org/stable/c/436d650d374329a591c30339a91fa5078052ed1e"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b1761898861117c97066aea6c58f68a7787f0bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/64d17ec9f1ded042c4b188d15734f33486ed9966"
        },
        {
          "url": "https://git.kernel.org/stable/c/6da24cfc83ba4f97ea44fc7ae9999a006101755c"
        },
        {
          "url": "https://git.kernel.org/stable/c/ace300eecbccaa698e2b472843c74a5f33f7dce8"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7df21cf1b79ab7026f545e7bf837bd5750ac026"
        }
      ],
      "title": "tipc: skb_linearize the head skb when reassembling msgs",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47162",
    "datePublished": "2024-03-25T09:16:15.857Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:36.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47136

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

net: zero-initialize tc skb extension on allocation

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ac493452e937b8939eaf2d24cac51a4804b6c20e
	https://git.kernel.org/stable/c/86ab133b695ed7ba1f8786b12f4ca43137ad8c18
	https://git.kernel.org/stable/c/9453d45ecb6c2199d72e73c993e9d98677a2801b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.228Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac493452e937b8939eaf2d24cac51a4804b6c20e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/86ab133b695ed7ba1f8786b12f4ca43137ad8c18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9453d45ecb6c2199d72e73c993e9d98677a2801b"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47136",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:55:03.662373Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:16.207Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/rep/tc.c",
            "drivers/net/ethernet/mellanox/mlx5/core/en_tc.c",
            "include/net/pkt_cls.h",
            "net/sched/cls_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ac493452e937",
              "status": "affected",
              "version": "038ebb1a713d",
              "versionType": "git"
            },
            {
              "lessThan": "86ab133b695e",
              "status": "affected",
              "version": "038ebb1a713d",
              "versionType": "git"
            },
            {
              "lessThan": "9453d45ecb6c",
              "status": "affected",
              "version": "038ebb1a713d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en/rep/tc.c",
            "drivers/net/ethernet/mellanox/mlx5/core/en_tc.c",
            "include/net/pkt_cls.h",
            "net/sched/cls_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: zero-initialize tc skb extension on allocation\n\nFunction skb_ext_add() doesn\u0027t initialize created skb extension with any\nvalue and leaves it up to the user. However, since extension of type\nTC_SKB_EXT originally contained only single value tc_skb_ext-\u003echain its\nusers used to just assign the chain value without setting whole extension\nmemory to zero first. This assumption changed when TC_SKB_EXT extension was\nextended with additional fields but not all users were updated to\ninitialize the new fields which leads to use of uninitialized memory\nafterwards. UBSAN log:\n\n[  778.299821] UBSAN: invalid-load in net/openvswitch/flow.c:899:28\n[  778.301495] load of value 107 is not a valid value for type \u0027_Bool\u0027\n[  778.303215] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.12.0-rc7+ #2\n[  778.304933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[  778.307901] Call Trace:\n[  778.308680]  \u003cIRQ\u003e\n[  778.309358]  dump_stack+0xbb/0x107\n[  778.310307]  ubsan_epilogue+0x5/0x40\n[  778.311167]  __ubsan_handle_load_invalid_value.cold+0x43/0x48\n[  778.312454]  ? memset+0x20/0x40\n[  778.313230]  ovs_flow_key_extract.cold+0xf/0x14 [openvswitch]\n[  778.314532]  ovs_vport_receive+0x19e/0x2e0 [openvswitch]\n[  778.315749]  ? ovs_vport_find_upcall_portid+0x330/0x330 [openvswitch]\n[  778.317188]  ? create_prof_cpu_mask+0x20/0x20\n[  778.318220]  ? arch_stack_walk+0x82/0xf0\n[  778.319153]  ? secondary_startup_64_no_verify+0xb0/0xbb\n[  778.320399]  ? stack_trace_save+0x91/0xc0\n[  778.321362]  ? stack_trace_consume_entry+0x160/0x160\n[  778.322517]  ? lock_release+0x52e/0x760\n[  778.323444]  netdev_frame_hook+0x323/0x610 [openvswitch]\n[  778.324668]  ? ovs_netdev_get_vport+0xe0/0xe0 [openvswitch]\n[  778.325950]  __netif_receive_skb_core+0x771/0x2db0\n[  778.327067]  ? lock_downgrade+0x6e0/0x6f0\n[  778.328021]  ? lock_acquire+0x565/0x720\n[  778.328940]  ? generic_xdp_tx+0x4f0/0x4f0\n[  778.329902]  ? inet_gro_receive+0x2a7/0x10a0\n[  778.330914]  ? lock_downgrade+0x6f0/0x6f0\n[  778.331867]  ? udp4_gro_receive+0x4c4/0x13e0\n[  778.332876]  ? lock_release+0x52e/0x760\n[  778.333808]  ? dev_gro_receive+0xcc8/0x2380\n[  778.334810]  ? lock_downgrade+0x6f0/0x6f0\n[  778.335769]  __netif_receive_skb_list_core+0x295/0x820\n[  778.336955]  ? process_backlog+0x780/0x780\n[  778.337941]  ? mlx5e_rep_tc_netdevice_event_unregister+0x20/0x20 [mlx5_core]\n[  778.339613]  ? seqcount_lockdep_reader_access.constprop.0+0xa7/0xc0\n[  778.341033]  ? kvm_clock_get_cycles+0x14/0x20\n[  778.342072]  netif_receive_skb_list_internal+0x5f5/0xcb0\n[  778.343288]  ? __kasan_kmalloc+0x7a/0x90\n[  778.344234]  ? mlx5e_handle_rx_cqe_mpwrq+0x9e0/0x9e0 [mlx5_core]\n[  778.345676]  ? mlx5e_xmit_xdp_frame_mpwqe+0x14d0/0x14d0 [mlx5_core]\n[  778.347140]  ? __netif_receive_skb_list_core+0x820/0x820\n[  778.348351]  ? mlx5e_post_rx_mpwqes+0xa6/0x25d0 [mlx5_core]\n[  778.349688]  ? napi_gro_flush+0x26c/0x3c0\n[  778.350641]  napi_complete_done+0x188/0x6b0\n[  778.351627]  mlx5e_napi_poll+0x373/0x1b80 [mlx5_core]\n[  778.352853]  __napi_poll+0x9f/0x510\n[  778.353704]  ? mlx5_flow_namespace_set_mode+0x260/0x260 [mlx5_core]\n[  778.355158]  net_rx_action+0x34c/0xa40\n[  778.356060]  ? napi_threaded_poll+0x3d0/0x3d0\n[  778.357083]  ? sched_clock_cpu+0x18/0x190\n[  778.358041]  ? __common_interrupt+0x8e/0x1a0\n[  778.359045]  __do_softirq+0x1ce/0x984\n[  778.359938]  __irq_exit_rcu+0x137/0x1d0\n[  778.360865]  irq_exit_rcu+0xa/0x20\n[  778.361708]  common_interrupt+0x80/0xa0\n[  778.362640]  \u003c/IRQ\u003e\n[  778.363212]  asm_common_interrupt+0x1e/0x40\n[  778.364204] RIP: 0010:native_safe_halt+0xe/0x10\n[  778.365273] Code: 4f ff ff ff 4c 89 e7 e8 50 3f 40 fe e9 dc fe ff ff 48 89 df e8 43 3f 40 fe eb 90 cc e9 07 00 00 00 0f 00 2d 74 05 62 00 fb f4 \u003cc3\u003e 90 e9 07 00 00 00 0f 00 2d 64 05 62 00 f4 c3 cc cc 0f 1f 44 00\n[  778.369355] RSP: 0018:ffffffff84407e48 EFLAGS: 00000246\n[  778.370570] RAX\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:10.759Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ac493452e937b8939eaf2d24cac51a4804b6c20e"
        },
        {
          "url": "https://git.kernel.org/stable/c/86ab133b695ed7ba1f8786b12f4ca43137ad8c18"
        },
        {
          "url": "https://git.kernel.org/stable/c/9453d45ecb6c2199d72e73c993e9d98677a2801b"
        }
      ],
      "title": "net: zero-initialize tc skb extension on allocation",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47136",
    "datePublished": "2024-03-25T09:07:36.064Z",
    "dateReserved": "2024-03-04T18:12:48.840Z",
    "dateUpdated": "2024-11-04T12:00:10.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47144

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

drm/amd/amdgpu: fix refcount leak

References

▼	URL	Tags
	https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7
	https://git.kernel.org/stable/c/dde2656e0bbb2ac7d83a7bd95a8d5c3c95bbc009
	https://git.kernel.org/stable/c/9fdb8ed37a3a44f9c49372b69f87fd5f61cb3240
	https://git.kernel.org/stable/c/95a4ec905e51a30c64cf2d78b04a7acbeae5ca94
	https://git.kernel.org/stable/c/fa7e6abc75f3d491bc561734312d065dc9dc2a77

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47144",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T15:12:18.646982Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:53.537Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dde2656e0bbb2ac7d83a7bd95a8d5c3c95bbc009"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9fdb8ed37a3a44f9c49372b69f87fd5f61cb3240"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/95a4ec905e51a30c64cf2d78b04a7acbeae5ca94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa7e6abc75f3d491bc561734312d065dc9dc2a77"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_fb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "599e5d61ace9",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "dde2656e0bbb",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9fdb8ed37a3a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "95a4ec905e51",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fa7e6abc75f3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/amd/amdgpu/amdgpu_fb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: fix refcount leak\n\n[Why]\nthe gem object rfb-\u003ebase.obj[0] is get according to num_planes\nin amdgpufb_create, but is not put according to num_planes\n\n[How]\nput rfb-\u003ebase.obj[0] in amdgpu_fbdev_destroy according to num_planes"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:20.250Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/599e5d61ace952b0bb9bd942b198bbd0cfded1d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/dde2656e0bbb2ac7d83a7bd95a8d5c3c95bbc009"
        },
        {
          "url": "https://git.kernel.org/stable/c/9fdb8ed37a3a44f9c49372b69f87fd5f61cb3240"
        },
        {
          "url": "https://git.kernel.org/stable/c/95a4ec905e51a30c64cf2d78b04a7acbeae5ca94"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa7e6abc75f3d491bc561734312d065dc9dc2a77"
        }
      ],
      "title": "drm/amd/amdgpu: fix refcount leak",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47144",
    "datePublished": "2024-03-25T09:07:41.691Z",
    "dateReserved": "2024-03-04T18:12:48.844Z",
    "dateUpdated": "2024-11-04T12:00:20.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47139

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

net: hns3: put off calling register_netdev() until client initialize complete

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a663c1e418a3b5b8e8edfad4bc8e7278c312d6fc
	https://git.kernel.org/stable/c/0921a0620b5077796fddffb22a8e6bc635a4bb50
	https://git.kernel.org/stable/c/a289a7e5c1d49b7d47df9913c1cc81fb48fab613

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47139",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-01T19:39:46.000821Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:16.732Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.957Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a663c1e418a3b5b8e8edfad4bc8e7278c312d6fc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0921a0620b5077796fddffb22a8e6bc635a4bb50"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a289a7e5c1d49b7d47df9913c1cc81fb48fab613"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a663c1e418a3",
              "status": "affected",
              "version": "08a100689d4b",
              "versionType": "git"
            },
            {
              "lessThan": "0921a0620b50",
              "status": "affected",
              "version": "08a100689d4b",
              "versionType": "git"
            },
            {
              "lessThan": "a289a7e5c1d4",
              "status": "affected",
              "version": "08a100689d4b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/hisilicon/hns3/hns3_enet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: put off calling register_netdev() until client initialize complete\n\nCurrently, the netdevice is registered before client initializing\ncomplete. So there is a timewindow between netdevice available\nand usable. In this case, if user try to change the channel number\nor ring param, it may cause the hns3_set_rx_cpu_rmap() being called\ntwice, and report bug.\n\n[47199.416502] hns3 0000:35:00.0 eth1: set channels: tqp_num=1, rxfh=0\n[47199.430340] hns3 0000:35:00.0 eth1: already uninitialized\n[47199.438554] hns3 0000:35:00.0: rss changes from 4 to 1\n[47199.511854] hns3 0000:35:00.0: Channels changed, rss_size from 4 to 1, tqps from 4 to 1\n[47200.163524] ------------[ cut here ]------------\n[47200.171674] kernel BUG at lib/cpu_rmap.c:142!\n[47200.177847] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n[47200.185259] Modules linked in: hclge(+) hns3(-) hns3_cae(O) hns_roce_hw_v2 hnae3 vfio_iommu_type1 vfio_pci vfio_virqfd vfio pv680_mii(O) [last unloaded: hclge]\n[47200.205912] CPU: 1 PID: 8260 Comm: ethtool Tainted: G           O      5.11.0-rc3+ #1\n[47200.215601] Hardware name:  , xxxxxx 02/04/2021\n[47200.223052] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[47200.230188] pc : cpu_rmap_add+0x38/0x40\n[47200.237472] lr : irq_cpu_rmap_add+0x84/0x140\n[47200.243291] sp : ffff800010e93a30\n[47200.247295] x29: ffff800010e93a30 x28: ffff082100584880\n[47200.254155] x27: 0000000000000000 x26: 0000000000000000\n[47200.260712] x25: 0000000000000000 x24: 0000000000000004\n[47200.267241] x23: ffff08209ba03000 x22: ffff08209ba038c0\n[47200.273789] x21: 000000000000003f x20: ffff0820e2bc1680\n[47200.280400] x19: ffff0820c970ec80 x18: 00000000000000c0\n[47200.286944] x17: 0000000000000000 x16: ffffb43debe4a0d0\n[47200.293456] x15: fffffc2082990600 x14: dead000000000122\n[47200.300059] x13: ffffffffffffffff x12: 000000000000003e\n[47200.306606] x11: ffff0820815b8080 x10: ffff53e411988000\n[47200.313171] x9 : 0000000000000000 x8 : ffff0820e2bc1700\n[47200.319682] x7 : 0000000000000000 x6 : 000000000000003f\n[47200.326170] x5 : 0000000000000040 x4 : ffff800010e93a20\n[47200.332656] x3 : 0000000000000004 x2 : ffff0820c970ec80\n[47200.339168] x1 : ffff0820e2bc1680 x0 : 0000000000000004\n[47200.346058] Call trace:\n[47200.349324]  cpu_rmap_add+0x38/0x40\n[47200.354300]  hns3_set_rx_cpu_rmap+0x6c/0xe0 [hns3]\n[47200.362294]  hns3_reset_notify_init_enet+0x1cc/0x340 [hns3]\n[47200.370049]  hns3_change_channels+0x40/0xb0 [hns3]\n[47200.376770]  hns3_set_channels+0x12c/0x2a0 [hns3]\n[47200.383353]  ethtool_set_channels+0x140/0x250\n[47200.389772]  dev_ethtool+0x714/0x23d0\n[47200.394440]  dev_ioctl+0x4cc/0x640\n[47200.399277]  sock_do_ioctl+0x100/0x2a0\n[47200.404574]  sock_ioctl+0x28c/0x470\n[47200.409079]  __arm64_sys_ioctl+0xb4/0x100\n[47200.415217]  el0_svc_common.constprop.0+0x84/0x210\n[47200.422088]  do_el0_svc+0x28/0x34\n[47200.426387]  el0_svc+0x28/0x70\n[47200.431308]  el0_sync_handler+0x1a4/0x1b0\n[47200.436477]  el0_sync+0x174/0x180\n[47200.441562] Code: 11000405 79000c45 f8247861 d65f03c0 (d4210000)\n[47200.448869] ---[ end trace a01efe4ce42e5f34 ]---\n\nThe process is like below:\nexcuting hns3_client_init\n|\nregister_netdev()\n|                           hns3_set_channels()\n|                           |\nhns3_set_rx_cpu_rmap()      hns3_reset_notify_uninit_enet()\n|                               |\n|                            quit without calling function\n|                            hns3_free_rx_cpu_rmap for flag\n|                            HNS3_NIC_STATE_INITED is unset.\n|                           |\n|                           hns3_reset_notify_init_enet()\n|                               |\nset HNS3_NIC_STATE_INITED    call hns3_set_rx_cpu_rmap()-- crash\n\nFix it by calling register_netdev() at the end of function\nhns3_client_init()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:14.335Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a663c1e418a3b5b8e8edfad4bc8e7278c312d6fc"
        },
        {
          "url": "https://git.kernel.org/stable/c/0921a0620b5077796fddffb22a8e6bc635a4bb50"
        },
        {
          "url": "https://git.kernel.org/stable/c/a289a7e5c1d49b7d47df9913c1cc81fb48fab613"
        }
      ],
      "title": "net: hns3: put off calling register_netdev() until client initialize complete",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47139",
    "datePublished": "2024-03-25T09:07:38.216Z",
    "dateReserved": "2024-03-04T18:12:48.841Z",
    "dateUpdated": "2024-11-04T12:00:14.335Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47160

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net: dsa: mt7530: fix VLAN traffic leaks

References

▼	URL	Tags
	https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d
	https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488
	https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2
	https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e
	https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47160",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T13:55:35.659497Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:48.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.982Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/mt7530.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ae389812733b",
              "status": "affected",
              "version": "83163f7dca56",
              "versionType": "git"
            },
            {
              "lessThan": "4fe4e1f48ba1",
              "status": "affected",
              "version": "83163f7dca56",
              "versionType": "git"
            },
            {
              "lessThan": "b91117b66fe8",
              "status": "affected",
              "version": "83163f7dca56",
              "versionType": "git"
            },
            {
              "lessThan": "82ae35b6c14f",
              "status": "affected",
              "version": "83163f7dca56",
              "versionType": "git"
            },
            {
              "lessThan": "474a2ddaa192",
              "status": "affected",
              "version": "83163f7dca56",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/dsa/mt7530.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "lessThan": "4.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1\u0027s when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:34.579Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"
        },
        {
          "url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"
        },
        {
          "url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"
        },
        {
          "url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"
        },
        {
          "url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"
        }
      ],
      "title": "net: dsa: mt7530: fix VLAN traffic leaks",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47160",
    "datePublished": "2024-03-25T09:16:14.468Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:34.579Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47171

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

net: usb: fix memory leak in smsc75xx_bind

References

▼	URL	Tags
	https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa
	https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f
	https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc
	https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07
	https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17
	https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0
	https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b
	https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.965Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47171",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:28.610486Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:58.501Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/smsc75xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "200dbfcad801",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "22c840596af0",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "9e6b8c1ff9d9",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "9e6a3eccb287",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "b95fb96e6339",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "635ac38b3625",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "70c886ac93f8",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            },
            {
              "lessThan": "46a8b29c6306",
              "status": "affected",
              "version": "d0cad871703b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/smsc75xx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.34"
            },
            {
              "lessThan": "2.6.34",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n  [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n  [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n  [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n  [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:47.533Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa"
        },
        {
          "url": "https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07"
        },
        {
          "url": "https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17"
        },
        {
          "url": "https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0"
        },
        {
          "url": "https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b"
        },
        {
          "url": "https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70"
        }
      ],
      "title": "net: usb: fix memory leak in smsc75xx_bind",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47171",
    "datePublished": "2024-03-25T09:16:22.993Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:47.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47140

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-07 16:55

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

iommu/amd: Clear DMA ops when switching domain

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f3f2cf46291a693eab21adb94171b0128c2a9ec1
	https://git.kernel.org/stable/c/d6177a6556f853785867e2ec6d5b7f4906f0d809

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47140",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-28T18:23:40.850053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T16:55:13.305Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f3f2cf46291a693eab21adb94171b0128c2a9ec1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d6177a6556f853785867e2ec6d5b7f4906f0d809"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/amd/iommu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f3f2cf46291a",
              "status": "affected",
              "version": "08a27c1c3ecf",
              "versionType": "git"
            },
            {
              "lessThan": "d6177a6556f8",
              "status": "affected",
              "version": "08a27c1c3ecf",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iommu/amd/iommu.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Clear DMA ops when switching domain\n\nSince commit 08a27c1c3ecf (\"iommu: Add support to change default domain\nof an iommu group\") a user can switch a device between IOMMU and direct\nDMA through sysfs. This doesn\u0027t work for AMD IOMMU at the moment because\ndev-\u003edma_ops is not cleared when switching from a DMA to an identity\nIOMMU domain. The DMA layer thus attempts to use the dma-iommu ops on an\nidentity domain, causing an oops:\n\n  # echo 0000:00:05.0 \u003e /sys/sys/bus/pci/drivers/e1000e/unbind\n  # echo identity \u003e /sys/bus/pci/devices/0000:00:05.0/iommu_group/type\n  # echo 0000:00:05.0 \u003e /sys/sys/bus/pci/drivers/e1000e/bind\n   ...\n  BUG: kernel NULL pointer dereference, address: 0000000000000028\n   ...\n   Call Trace:\n    iommu_dma_alloc\n    e1000e_setup_tx_resources\n    e1000e_open\n\nSince iommu_change_dev_def_domain() calls probe_finalize() again, clear\nthe dma_ops there like Vt-d does."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:15.519Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f3f2cf46291a693eab21adb94171b0128c2a9ec1"
        },
        {
          "url": "https://git.kernel.org/stable/c/d6177a6556f853785867e2ec6d5b7f4906f0d809"
        }
      ],
      "title": "iommu/amd: Clear DMA ops when switching domain",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47140",
    "datePublished": "2024-03-25T09:07:38.949Z",
    "dateReserved": "2024-03-04T18:12:48.842Z",
    "dateUpdated": "2024-11-07T16:55:13.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47170

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

USB: usbfs: Don't WARN about excessively large memory allocations

References

▼	URL	Tags
	https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb
	https://git.kernel.org/stable/c/2c835fede13e03f2743a333e4370b5ed2db91e83
	https://git.kernel.org/stable/c/8d83f109e920d2776991fa142bb904d985dca2ed
	https://git.kernel.org/stable/c/9f7cb3f01a10d9064cf13b3d26fb7e7a5827d098
	https://git.kernel.org/stable/c/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.234Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c835fede13e03f2743a333e4370b5ed2db91e83"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8d83f109e920d2776991fa142bb904d985dca2ed"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9f7cb3f01a10d9064cf13b3d26fb7e7a5827d098"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47170",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:31.690189Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:51.941Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/core/devio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2ab21d6e1411",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2c835fede13e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8d83f109e920",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "9f7cb3f01a10",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "4f2629ea67e7",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/core/devio.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbfs: Don\u0027t WARN about excessively large memory allocations\n\nSyzbot found that the kernel generates a WARNing if the user tries to\nsubmit a bulk transfer through usbfs with a buffer that is way too\nlarge.  This isn\u0027t a bug in the kernel; it\u0027s merely an invalid request\nfrom the user and the usbfs code does handle it correctly.\n\nIn theory the same thing can happen with async transfers, or with the\npacket descriptor table for isochronous transfers.\n\nTo prevent the MM subsystem from complaining about these bad\nallocation requests, add the __GFP_NOWARN flag to the kmalloc calls\nfor these buffers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:46.330Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c835fede13e03f2743a333e4370b5ed2db91e83"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d83f109e920d2776991fa142bb904d985dca2ed"
        },
        {
          "url": "https://git.kernel.org/stable/c/9f7cb3f01a10d9064cf13b3d26fb7e7a5827d098"
        },
        {
          "url": "https://git.kernel.org/stable/c/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de"
        }
      ],
      "title": "USB: usbfs: Don\u0027t WARN about excessively large memory allocations",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47170",
    "datePublished": "2024-03-25T09:16:22.313Z",
    "dateReserved": "2024-03-25T09:12:14.111Z",
    "dateUpdated": "2024-11-04T12:00:46.330Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47148

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/389146bc6d2bbb20714d06624b74856320ce40f7
	https://git.kernel.org/stable/c/e5cc361e21648b75f935f9571d4003aaee480214

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47148",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-26T20:36:23.128673Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-26T20:36:29.271Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.199Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/389146bc6d2bbb20714d06624b74856320ce40f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e5cc361e21648b75f935f9571d4003aaee480214"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "389146bc6d2b",
              "status": "affected",
              "version": "81a4362016e7",
              "versionType": "git"
            },
            {
              "lessThan": "e5cc361e2164",
              "status": "affected",
              "version": "81a4362016e7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/marvell/octeontx2/nic/otx2_ethtool.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()\n\nThis function is called from ethtool_set_rxfh() and \"*rss_context\"\ncomes from the user.  Add some bounds checking to prevent memory\ncorruption."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:25.140Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/389146bc6d2bbb20714d06624b74856320ce40f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5cc361e21648b75f935f9571d4003aaee480214"
        }
      ],
      "title": "octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47148",
    "datePublished": "2024-03-25T09:07:44.472Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:25.140Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47153

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-05 16:55

Severity ?

6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

Summary

i2c: i801: Don't generate an interrupt on bus reset

References

▼	URL	Tags
	https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629
	https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3
	https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6
	https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c
	https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b
	https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef
	https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a
	https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47153",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T19:20:15.941507Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T16:55:32.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.990Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/busses/i2c-i801.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f9469082126c",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "09c9e79f4c10",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "dfa8929e117b",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "c70e1ba2e7e6",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "04cc05e3716a",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "b523feb7e8e4",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "1f583d3813f2",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            },
            {
              "lessThan": "e4d8716c3dce",
              "status": "affected",
              "version": "636752bcb517",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/i2c/busses/i2c-i801.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.6"
            },
            {
              "lessThan": "3.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: i801: Don\u0027t generate an interrupt on bus reset\n\nNow that the i2c-i801 driver supports interrupts, setting the KILL bit\nin a attempt to recover from a timed out transaction triggers an\ninterrupt. Unfortunately, the interrupt handler (i801_isr) is not\nprepared for this situation and will try to process the interrupt as\nif it was signaling the end of a successful transaction. In the case\nof a block transaction, this can result in an out-of-range memory\naccess.\n\nThis condition was reproduced several times by syzbot:\nhttps://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e\nhttps://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e\nhttps://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e\nhttps://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb\nhttps://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a\nhttps://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79\n\nSo disable interrupts while trying to reset the bus. Interrupts will\nbe enabled again for the following transaction."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:31.102Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629"
        },
        {
          "url": "https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c"
        },
        {
          "url": "https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b"
        },
        {
          "url": "https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef"
        },
        {
          "url": "https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168171362a"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4d8716c3dcec47f1557024add24e1f3c09eb24b"
        }
      ],
      "title": "i2c: i801: Don\u0027t generate an interrupt on bus reset",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47153",
    "datePublished": "2024-03-25T09:07:47.873Z",
    "dateReserved": "2024-03-04T18:12:48.846Z",
    "dateUpdated": "2024-11-05T16:55:32.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47145

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

btrfs: do not BUG_ON in link_to_fixup_dir

References

▼	URL	Tags
	https://git.kernel.org/stable/c/76bfd8ac20bebeae599452a03dfc5724c0475dcf
	https://git.kernel.org/stable/c/e934c4ee17b33bafb0444f2f9766cda7166d3c40
	https://git.kernel.org/stable/c/0eaf383c6a4a83c09f60fd07a1bea9f1a9181611
	https://git.kernel.org/stable/c/6eccfb28f8dca70c9b1b3bb3194ca54cbe73a9fa
	https://git.kernel.org/stable/c/0ed102453aa1cd12fefde8f6b60b9519b0b1f003
	https://git.kernel.org/stable/c/7e13db503918820e6333811cdc6f151dcea5090a
	https://git.kernel.org/stable/c/b545442133580dcb2f2496133bf850824d41255c
	https://git.kernel.org/stable/c/91df99a6eb50d5a1bc70fff4a09a0b7ae6aab96d

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47145",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T14:12:43.029638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:28.150Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.917Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/76bfd8ac20bebeae599452a03dfc5724c0475dcf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e934c4ee17b33bafb0444f2f9766cda7166d3c40"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0eaf383c6a4a83c09f60fd07a1bea9f1a9181611"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6eccfb28f8dca70c9b1b3bb3194ca54cbe73a9fa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0ed102453aa1cd12fefde8f6b60b9519b0b1f003"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e13db503918820e6333811cdc6f151dcea5090a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b545442133580dcb2f2496133bf850824d41255c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/91df99a6eb50d5a1bc70fff4a09a0b7ae6aab96d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/tree-log.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "76bfd8ac20be",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e934c4ee17b3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0eaf383c6a4a",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6eccfb28f8dc",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "0ed102453aa1",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "7e13db503918",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "b54544213358",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "91df99a6eb50",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/tree-log.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not BUG_ON in link_to_fixup_dir\n\nWhile doing error injection testing I got the following panic\n\n  kernel BUG at fs/btrfs/tree-log.c:1862!\n  invalid opcode: 0000 [#1] SMP NOPTI\n  CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ #305\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-2.fc32 04/01/2014\n  RIP: 0010:link_to_fixup_dir+0xd5/0xe0\n  RSP: 0018:ffffb5800180fa30 EFLAGS: 00010216\n  RAX: fffffffffffffffb RBX: 00000000fffffffb RCX: ffff8f595287faf0\n  RDX: ffffb5800180fa37 RSI: ffff8f5954978800 RDI: 0000000000000000\n  RBP: ffff8f5953af9450 R08: 0000000000000019 R09: 0000000000000001\n  R10: 000151f408682970 R11: 0000000120021001 R12: ffff8f5954978800\n  R13: ffff8f595287faf0 R14: ffff8f5953c77dd0 R15: 0000000000000065\n  FS:  00007fc5284c8c40(0000) GS:ffff8f59bbd00000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 00007fc5287f47c0 CR3: 000000011275e002 CR4: 0000000000370ee0\n  Call Trace:\n   replay_one_buffer+0x409/0x470\n   ? btree_read_extent_buffer_pages+0xd0/0x110\n   walk_up_log_tree+0x157/0x1e0\n   walk_log_tree+0xa6/0x1d0\n   btrfs_recover_log_trees+0x1da/0x360\n   ? replay_one_extent+0x7b0/0x7b0\n   open_ctree+0x1486/0x1720\n   btrfs_mount_root.cold+0x12/0xea\n   ? __kmalloc_track_caller+0x12f/0x240\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   vfs_kern_mount.part.0+0x71/0xb0\n   btrfs_mount+0x10d/0x380\n   ? vfs_parse_fs_string+0x4d/0x90\n   legacy_get_tree+0x24/0x40\n   vfs_get_tree+0x22/0xb0\n   path_mount+0x433/0xa10\n   __x64_sys_mount+0xe3/0x120\n   do_syscall_64+0x3d/0x80\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nWe can get -EIO or any number of legitimate errors from\nbtrfs_search_slot(), panicing here is not the appropriate response.  The\nerror path for this code handles errors properly, simply return the\nerror."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:21.515Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/76bfd8ac20bebeae599452a03dfc5724c0475dcf"
        },
        {
          "url": "https://git.kernel.org/stable/c/e934c4ee17b33bafb0444f2f9766cda7166d3c40"
        },
        {
          "url": "https://git.kernel.org/stable/c/0eaf383c6a4a83c09f60fd07a1bea9f1a9181611"
        },
        {
          "url": "https://git.kernel.org/stable/c/6eccfb28f8dca70c9b1b3bb3194ca54cbe73a9fa"
        },
        {
          "url": "https://git.kernel.org/stable/c/0ed102453aa1cd12fefde8f6b60b9519b0b1f003"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e13db503918820e6333811cdc6f151dcea5090a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b545442133580dcb2f2496133bf850824d41255c"
        },
        {
          "url": "https://git.kernel.org/stable/c/91df99a6eb50d5a1bc70fff4a09a0b7ae6aab96d"
        }
      ],
      "title": "btrfs: do not BUG_ON in link_to_fixup_dir",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47145",
    "datePublished": "2024-03-25T09:07:42.384Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:21.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47178

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

scsi: target: core: Avoid smp_processor_id() in preemptible code

References

▼	URL	Tags
	https://git.kernel.org/stable/c/a222d2794c53f8165de20aa91b39e35e4b72bce9
	https://git.kernel.org/stable/c/a20b6eaf4f35046a429cde57bee7eb5f13d6857f
	https://git.kernel.org/stable/c/70ca3c57ff914113f681e657634f7fbfa68e1ad1

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a222d2794c53f8165de20aa91b39e35e4b72bce9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a20b6eaf4f35046a429cde57bee7eb5f13d6857f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/70ca3c57ff914113f681e657634f7fbfa68e1ad1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47178",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:21.876109Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:47.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/target/target_core_transport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a222d2794c53",
              "status": "affected",
              "version": "008b936bbde3",
              "versionType": "git"
            },
            {
              "lessThan": "a20b6eaf4f35",
              "status": "affected",
              "version": "1526d9f10c61",
              "versionType": "git"
            },
            {
              "lessThan": "70ca3c57ff91",
              "status": "affected",
              "version": "1526d9f10c61",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/target/target_core_transport.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Avoid smp_processor_id() in preemptible code\n\nThe BUG message \"BUG: using smp_processor_id() in preemptible [00000000]\ncode\" was observed for TCMU devices with kernel config DEBUG_PREEMPT.\n\nThe message was observed when blktests block/005 was run on TCMU devices\nwith fileio backend or user:zbc backend [1]. The commit 1130b499b4a7\n(\"scsi: target: tcm_loop: Use LIO wq cmd submission helper\") triggered the\nsymptom. The commit modified work queue to handle commands and changed\n\u0027current-\u003enr_cpu_allowed\u0027 at smp_processor_id() call.\n\nThe message was also observed at system shutdown when TCMU devices were not\ncleaned up [2]. The function smp_processor_id() was called in SCSI host\nwork queue for abort handling, and triggered the BUG message. This symptom\nwas observed regardless of the commit 1130b499b4a7 (\"scsi: target:\ntcm_loop: Use LIO wq cmd submission helper\").\n\nTo avoid the preemptible code check at smp_processor_id(), get CPU ID with\nraw_smp_processor_id() instead. The CPU ID is used for performance\nimprovement then thread move to other CPU will not affect the code.\n\n[1]\n\n[   56.468103] run blktests block/005 at 2021-05-12 14:16:38\n[   57.369473] check_preemption_disabled: 85 callbacks suppressed\n[   57.369480] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1511\n[   57.369506] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1510\n[   57.369512] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1506\n[   57.369552] caller is __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369606] CPU: 4 PID: 1506 Comm: fio Not tainted 5.13.0-rc1+ #34\n[   57.369613] Hardware name: System manufacturer System Product Name/PRIME Z270-A, BIOS 1302 03/15/2018\n[   57.369617] Call Trace:\n[   57.369621] BUG: using smp_processor_id() in preemptible [00000000] code: fio/1507\n[   57.369628]  dump_stack+0x6d/0x89\n[   57.369642]  check_preemption_disabled+0xc8/0xd0\n[   57.369628] caller is __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369655]  __target_init_cmd+0x157/0x170 [target_core_mod]\n[   57.369695]  target_init_cmd+0x76/0x90 [target_core_mod]\n[   57.369732]  tcm_loop_queuecommand+0x109/0x210 [tcm_loop]\n[   57.369744]  scsi_queue_rq+0x38e/0xc40\n[   57.369761]  __blk_mq_try_issue_directly+0x109/0x1c0\n[   57.369779]  blk_mq_try_issue_directly+0x43/0x90\n[   57.369790]  blk_mq_submit_bio+0x4e5/0x5d0\n[   57.369812]  submit_bio_noacct+0x46e/0x4e0\n[   57.369830]  __blkdev_direct_IO_simple+0x1a3/0x2d0\n[   57.369859]  ? set_init_blocksize.isra.0+0x60/0x60\n[   57.369880]  generic_file_read_iter+0x89/0x160\n[   57.369898]  blkdev_read_iter+0x44/0x60\n[   57.369906]  new_sync_read+0x102/0x170\n[   57.369929]  vfs_read+0xd4/0x160\n[   57.369941]  __x64_sys_pread64+0x6e/0xa0\n[   57.369946]  ? lockdep_hardirqs_on+0x79/0x100\n[   57.369958]  do_syscall_64+0x3a/0x70\n[   57.369965]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[   57.369973] RIP: 0033:0x7f7ed4c1399f\n[   57.369979] Code: 08 89 3c 24 48 89 4c 24 18 e8 7d f3 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 11 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 cd f3 ff ff 48 8b\n[   57.369983] RSP: 002b:00007ffd7918c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000011\n[   57.369990] RAX: ffffffffffffffda RBX: 00000000015b4540 RCX: 00007f7ed4c1399f\n[   57.369993] RDX: 0000000000001000 RSI: 00000000015de000 RDI: 0000000000000009\n[   57.369996] RBP: 00000000015b4540 R08: 0000000000000000 R09: 0000000000000001\n[   57.369999] R10: 0000000000e5c000 R11: 0000000000000293 R12: 00007f7eb5269a70\n[   57.370002] R13: 0000000000000000 R14: 0000000000001000 R15: 00000000015b4568\n[   57.370031] CPU: 7 PID: 1507 Comm: fio Not tainted 5.13.0-rc1+ #34\n[   57.370036] Hardware name: System manufacturer System Product Name/PRIME Z270-A, BIOS 1302 03/15/2018\n[   57.370039] Call Trace:\n[   57.370045]  dump_stack+0x6d/0x89\n[   57.370056]  ch\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:55.604Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a222d2794c53f8165de20aa91b39e35e4b72bce9"
        },
        {
          "url": "https://git.kernel.org/stable/c/a20b6eaf4f35046a429cde57bee7eb5f13d6857f"
        },
        {
          "url": "https://git.kernel.org/stable/c/70ca3c57ff914113f681e657634f7fbfa68e1ad1"
        }
      ],
      "title": "scsi: target: core: Avoid smp_processor_id() in preemptible code",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47178",
    "datePublished": "2024-03-25T09:16:28.024Z",
    "dateReserved": "2024-03-25T09:12:14.112Z",
    "dateUpdated": "2024-11-04T12:00:55.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47146

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

mld: fix panic in mld_newpack()

References

▼	URL	Tags
	https://git.kernel.org/stable/c/0e35b7457b7b6e73ffeaaca1a577fdf1af0feca1
	https://git.kernel.org/stable/c/17728616a4c85baf0edc975c60ba4e4157684d9a
	https://git.kernel.org/stable/c/221142038f36d9f28b64e83e954774da4d4ccd17
	https://git.kernel.org/stable/c/4b77ad9097067b31237eeeee0bf70f80849680a0
	https://git.kernel.org/stable/c/37d697759958d111439080bab7e14d2b0e7b39f5
	https://git.kernel.org/stable/c/beb39adb150f8f3b516ddf7c39835a9788704d23
	https://git.kernel.org/stable/c/a76fb9ba545289379acf409653ad5f74417be59c
	https://git.kernel.org/stable/c/020ef930b826d21c5446fdc9db80fd72a791bc21

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0e35b7457b7b6e73ffeaaca1a577fdf1af0feca1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/17728616a4c85baf0edc975c60ba4e4157684d9a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/221142038f36d9f28b64e83e954774da4d4ccd17"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4b77ad9097067b31237eeeee0bf70f80849680a0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/37d697759958d111439080bab7e14d2b0e7b39f5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/beb39adb150f8f3b516ddf7c39835a9788704d23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a76fb9ba545289379acf409653ad5f74417be59c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/020ef930b826d21c5446fdc9db80fd72a791bc21"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47146",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:54.361995Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:13.921Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/mcast.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0e35b7457b7b",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "17728616a4c8",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "221142038f36",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "4b77ad909706",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "37d697759958",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "beb39adb150f",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "a76fb9ba5452",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            },
            {
              "lessThan": "020ef930b826",
              "status": "affected",
              "version": "72e09ad107e7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/mcast.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.271",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmld: fix panic in mld_newpack()\n\nmld_newpack() doesn\u0027t allow to allocate high order page,\nonly order-0 allocation is allowed.\nIf headroom size is too large, a kernel panic could occur in skb_put().\n\nTest commands:\n    ip netns del A\n    ip netns del B\n    ip netns add A\n    ip netns add B\n    ip link add veth0 type veth peer name veth1\n    ip link set veth0 netns A\n    ip link set veth1 netns B\n\n    ip netns exec A ip link set lo up\n    ip netns exec A ip link set veth0 up\n    ip netns exec A ip -6 a a 2001:db8:0::1/64 dev veth0\n    ip netns exec B ip link set lo up\n    ip netns exec B ip link set veth1 up\n    ip netns exec B ip -6 a a 2001:db8:0::2/64 dev veth1\n    for i in {1..99}\n    do\n        let A=$i-1\n        ip netns exec A ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::1 remote 2001:db8:$A::2 encaplimit 100\n        ip netns exec A ip -6 a a 2001:db8:$i::1/64 dev ip6gre$i\n        ip netns exec A ip link set ip6gre$i up\n\n        ip netns exec B ip link add ip6gre$i type ip6gre \\\n\tlocal 2001:db8:$A::2 remote 2001:db8:$A::1 encaplimit 100\n        ip netns exec B ip -6 a a 2001:db8:$i::2/64 dev ip6gre$i\n        ip netns exec B ip link set ip6gre$i up\n    done\n\nSplat looks like:\nkernel BUG at net/core/skbuff.c:110!\ninvalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI\nCPU: 0 PID: 7 Comm: kworker/0:1 Not tainted 5.12.0+ #891\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:skb_panic+0x15d/0x15f\nCode: 92 fe 4c 8b 4c 24 10 53 8b 4d 70 45 89 e0 48 c7 c7 00 ae 79 83\n41 57 41 56 41 55 48 8b 54 24 a6 26 f9 ff \u003c0f\u003e 0b 48 8b 6c 24 20 89\n34 24 e8 4a 4e 92 fe 8b 34 24 48 c7 c1 20\nRSP: 0018:ffff88810091f820 EFLAGS: 00010282\nRAX: 0000000000000089 RBX: ffff8881086e9000 RCX: 0000000000000000\nRDX: 0000000000000089 RSI: 0000000000000008 RDI: ffffed1020123efb\nRBP: ffff888005f6eac0 R08: ffffed1022fc0031 R09: ffffed1022fc0031\nR10: ffff888117e00187 R11: ffffed1022fc0030 R12: 0000000000000028\nR13: ffff888008284eb0 R14: 0000000000000ed8 R15: 0000000000000ec0\nFS:  0000000000000000(0000) GS:ffff888117c00000(0000)\nknlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8b801c5640 CR3: 0000000033c2c006 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n skb_put.cold.104+0x22/0x22\n ip6_mc_hdr.isra.26.constprop.46+0x12a/0x600\n ? rcu_read_lock_sched_held+0x91/0xc0\n mld_newpack+0x398/0x8f0\n ? ip6_mc_hdr.isra.26.constprop.46+0x600/0x600\n ? lock_contended+0xc40/0xc40\n add_grhead.isra.33+0x280/0x380\n add_grec+0x5ca/0xff0\n ? mld_sendpack+0xf40/0xf40\n ? lock_downgrade+0x690/0x690\n mld_send_initial_cr.part.34+0xb9/0x180\n ipv6_mc_dad_complete+0x15d/0x1b0\n addrconf_dad_completed+0x8d2/0xbb0\n ? lock_downgrade+0x690/0x690\n ? addrconf_rs_timer+0x660/0x660\n ? addrconf_dad_work+0x73c/0x10e0\n addrconf_dad_work+0x73c/0x10e0\n\nAllowing high order page allocation could fix this problem."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:22.794Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0e35b7457b7b6e73ffeaaca1a577fdf1af0feca1"
        },
        {
          "url": "https://git.kernel.org/stable/c/17728616a4c85baf0edc975c60ba4e4157684d9a"
        },
        {
          "url": "https://git.kernel.org/stable/c/221142038f36d9f28b64e83e954774da4d4ccd17"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b77ad9097067b31237eeeee0bf70f80849680a0"
        },
        {
          "url": "https://git.kernel.org/stable/c/37d697759958d111439080bab7e14d2b0e7b39f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/beb39adb150f8f3b516ddf7c39835a9788704d23"
        },
        {
          "url": "https://git.kernel.org/stable/c/a76fb9ba545289379acf409653ad5f74417be59c"
        },
        {
          "url": "https://git.kernel.org/stable/c/020ef930b826d21c5446fdc9db80fd72a791bc21"
        }
      ],
      "title": "mld: fix panic in mld_newpack()",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47146",
    "datePublished": "2024-03-25T09:07:43.043Z",
    "dateReserved": "2024-03-04T18:12:48.845Z",
    "dateUpdated": "2024-11-04T12:00:22.794Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47141

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

gve: Add NULL pointer checks when freeing irqs.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/821149ee88c206fa37e79c1868cc270518484876
	https://git.kernel.org/stable/c/da21a35c00ff1a1794d4f166d3b3fa8db4d0f6fb
	https://git.kernel.org/stable/c/5278c75266c5094d3c0958793bf12fc90300e580
	https://git.kernel.org/stable/c/5218e919c8d06279884aa0baf76778a6817d5b93

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47141",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T18:19:57.763630Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:31.440Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.872Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/821149ee88c206fa37e79c1868cc270518484876"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/da21a35c00ff1a1794d4f166d3b3fa8db4d0f6fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5278c75266c5094d3c0958793bf12fc90300e580"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5218e919c8d06279884aa0baf76778a6817d5b93"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/google/gve/gve_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "821149ee88c2",
              "status": "affected",
              "version": "893ce44df565",
              "versionType": "git"
            },
            {
              "lessThan": "da21a35c00ff",
              "status": "affected",
              "version": "893ce44df565",
              "versionType": "git"
            },
            {
              "lessThan": "5278c75266c5",
              "status": "affected",
              "version": "893ce44df565",
              "versionType": "git"
            },
            {
              "lessThan": "5218e919c8d0",
              "status": "affected",
              "version": "893ce44df565",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/google/gve/gve_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "lessThan": "5.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Add NULL pointer checks when freeing irqs.\n\nWhen freeing notification blocks, we index priv-\u003emsix_vectors.\nIf we failed to allocate priv-\u003emsix_vectors (see abort_with_msix_vectors)\nthis could lead to a NULL pointer dereference if the driver is unloaded."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:16.707Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/821149ee88c206fa37e79c1868cc270518484876"
        },
        {
          "url": "https://git.kernel.org/stable/c/da21a35c00ff1a1794d4f166d3b3fa8db4d0f6fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/5278c75266c5094d3c0958793bf12fc90300e580"
        },
        {
          "url": "https://git.kernel.org/stable/c/5218e919c8d06279884aa0baf76778a6817d5b93"
        }
      ],
      "title": "gve: Add NULL pointer checks when freeing irqs.",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47141",
    "datePublished": "2024-03-25T09:07:39.737Z",
    "dateReserved": "2024-03-04T18:12:48.842Z",
    "dateUpdated": "2024-11-04T12:00:16.707Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47161

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-06 14:55

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

spi: spi-fsl-dspi: Fix a resource leak in an error handling path

References

▼	URL	Tags
	https://git.kernel.org/stable/c/10a089bae827ec30ad9b6cb7048020a62fae0cfa
	https://git.kernel.org/stable/c/00450ed03a17143e2433b461a656ef9cd17c2f1d
	https://git.kernel.org/stable/c/15d1cc4b4b585f9a2ce72c52cca004d5d735bdf1
	https://git.kernel.org/stable/c/fe6921e3b8451a537e01c031b8212366bb386e3e
	https://git.kernel.org/stable/c/12391be4724acc9269e1845ccbd881df37de4b56
	https://git.kernel.org/stable/c/680ec0549a055eb464dce6ffb4bfb736ef87236e

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47161",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-17T17:24:18.714532Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-209",
                "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:55:37.234Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.988Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/10a089bae827ec30ad9b6cb7048020a62fae0cfa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/00450ed03a17143e2433b461a656ef9cd17c2f1d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/15d1cc4b4b585f9a2ce72c52cca004d5d735bdf1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fe6921e3b8451a537e01c031b8212366bb386e3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/12391be4724acc9269e1845ccbd881df37de4b56"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/680ec0549a055eb464dce6ffb4bfb736ef87236e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi-fsl-dspi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "10a089bae827",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            },
            {
              "lessThan": "00450ed03a17",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            },
            {
              "lessThan": "15d1cc4b4b58",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            },
            {
              "lessThan": "fe6921e3b845",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            },
            {
              "lessThan": "12391be4724a",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            },
            {
              "lessThan": "680ec0549a05",
              "status": "affected",
              "version": "90ba37033cb9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi-fsl-dspi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.10"
            },
            {
              "lessThan": "4.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.199",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix a resource leak in an error handling path\n\n\u0027dspi_request_dma()\u0027 should be undone by a \u0027dspi_release_dma()\u0027 call in the\nerror handling path of the probe function, as already done in the remove\nfunction"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:35.741Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/10a089bae827ec30ad9b6cb7048020a62fae0cfa"
        },
        {
          "url": "https://git.kernel.org/stable/c/00450ed03a17143e2433b461a656ef9cd17c2f1d"
        },
        {
          "url": "https://git.kernel.org/stable/c/15d1cc4b4b585f9a2ce72c52cca004d5d735bdf1"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe6921e3b8451a537e01c031b8212366bb386e3e"
        },
        {
          "url": "https://git.kernel.org/stable/c/12391be4724acc9269e1845ccbd881df37de4b56"
        },
        {
          "url": "https://git.kernel.org/stable/c/680ec0549a055eb464dce6ffb4bfb736ef87236e"
        }
      ],
      "title": "spi: spi-fsl-dspi: Fix a resource leak in an error handling path",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47161",
    "datePublished": "2024-03-25T09:16:15.132Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-06T14:55:37.234Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47152

Vulnerability from cvelistv5

Published

2024-03-25 09:07

Modified

2024-11-04 12:00

Severity ?

Summary

mptcp: fix data stream corruption

References

▼	URL	Tags
	https://git.kernel.org/stable/c/3267a061096efc91eda52c2a0c61ba76e46e4b34
	https://git.kernel.org/stable/c/18e7f0580da15cac1e79d73683ada5a9e70980f8
	https://git.kernel.org/stable/c/29249eac5225429b898f278230a6ca2baa1ae154

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3267a061096efc91eda52c2a0c61ba76e46e4b34"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/18e7f0580da15cac1e79d73683ada5a9e70980f8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/29249eac5225429b898f278230a6ca2baa1ae154"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47152",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:54:51.146188Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:55.837Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3267a061096e",
              "status": "affected",
              "version": "18b683bff89d",
              "versionType": "git"
            },
            {
              "lessThan": "18e7f0580da1",
              "status": "affected",
              "version": "18b683bff89d",
              "versionType": "git"
            },
            {
              "lessThan": "29249eac5225",
              "status": "affected",
              "version": "18b683bff89d",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/mptcp/protocol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix data stream corruption\n\nMaxim reported several issues when forcing a TCP transparent proxy\nto use the MPTCP protocol for the inbound connections. He also\nprovided a clean reproducer.\n\nThe problem boils down to \u0027mptcp_frag_can_collapse_to()\u0027 assuming\nthat only MPTCP will use the given page_frag.\n\nIf others - e.g. the plain TCP protocol - allocate page fragments,\nwe can end-up re-using already allocated memory for mptcp_data_frag.\n\nFix the issue ensuring that the to-be-expanded data fragment is\nlocated at the current page frag end.\n\nv1 -\u003e v2:\n - added missing fixes tag (Mat)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:29.864Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3267a061096efc91eda52c2a0c61ba76e46e4b34"
        },
        {
          "url": "https://git.kernel.org/stable/c/18e7f0580da15cac1e79d73683ada5a9e70980f8"
        },
        {
          "url": "https://git.kernel.org/stable/c/29249eac5225429b898f278230a6ca2baa1ae154"
        }
      ],
      "title": "mptcp: fix data stream corruption",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47152",
    "datePublished": "2024-03-25T09:07:47.235Z",
    "dateReserved": "2024-03-04T18:12:48.846Z",
    "dateUpdated": "2024-11-04T12:00:29.864Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47165

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

drm/meson: fix shutdown crash when component not probed

References

▼	URL	Tags
	https://git.kernel.org/stable/c/b4298d33c1fcce511ffe84d8d3de07e220300f9b
	https://git.kernel.org/stable/c/e256a0eb43e17209e347409a80805b1659398d68
	https://git.kernel.org/stable/c/4ce2bf20b4a6e307e114847d60b2bf40a6a1fac0
	https://git.kernel.org/stable/c/d66083c0d6f5125a4d982aa177dd71ab4cd3d212
	https://git.kernel.org/stable/c/b4b91033a0b11fe9ade58156cd9168f89f4a8c1a
	https://git.kernel.org/stable/c/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47165",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T18:15:28.552428Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:35.550Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:40.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4298d33c1fcce511ffe84d8d3de07e220300f9b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e256a0eb43e17209e347409a80805b1659398d68"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4ce2bf20b4a6e307e114847d60b2bf40a6a1fac0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d66083c0d6f5125a4d982aa177dd71ab4cd3d212"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4b91033a0b11fe9ade58156cd9168f89f4a8c1a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/meson/meson_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b4298d33c1fc",
              "status": "affected",
              "version": "8a5160cc8488",
              "versionType": "git"
            },
            {
              "lessThan": "e256a0eb43e1",
              "status": "affected",
              "version": "8fbbf2b38494",
              "versionType": "git"
            },
            {
              "lessThan": "4ce2bf20b4a6",
              "status": "affected",
              "version": "d2100ef32a8c",
              "versionType": "git"
            },
            {
              "lessThan": "d66083c0d6f5",
              "status": "affected",
              "version": "d4ec1ffbdaa8",
              "versionType": "git"
            },
            {
              "lessThan": "b4b91033a0b1",
              "status": "affected",
              "version": "fa0c16caf3d7",
              "versionType": "git"
            },
            {
              "lessThan": "7cfc4ea78fc1",
              "status": "affected",
              "version": "fa0c16caf3d7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/meson/meson_drv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.193",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: fix shutdown crash when component not probed\n\nWhen main component is not probed, by example when the dw-hdmi module is\nnot loaded yet or in probe defer, the following crash appears on shutdown:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000038\n...\npc : meson_drv_shutdown+0x24/0x50\nlr : platform_drv_shutdown+0x20/0x30\n...\nCall trace:\nmeson_drv_shutdown+0x24/0x50\nplatform_drv_shutdown+0x20/0x30\ndevice_shutdown+0x158/0x360\nkernel_restart_prepare+0x38/0x48\nkernel_restart+0x18/0x68\n__do_sys_reboot+0x224/0x250\n__arm64_sys_reboot+0x24/0x30\n...\n\nSimply check if the priv struct has been allocated before using it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:40.446Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b4298d33c1fcce511ffe84d8d3de07e220300f9b"
        },
        {
          "url": "https://git.kernel.org/stable/c/e256a0eb43e17209e347409a80805b1659398d68"
        },
        {
          "url": "https://git.kernel.org/stable/c/4ce2bf20b4a6e307e114847d60b2bf40a6a1fac0"
        },
        {
          "url": "https://git.kernel.org/stable/c/d66083c0d6f5125a4d982aa177dd71ab4cd3d212"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4b91033a0b11fe9ade58156cd9168f89f4a8c1a"
        },
        {
          "url": "https://git.kernel.org/stable/c/7cfc4ea78fc103ea51ecbacd9236abb5b1c490d2"
        }
      ],
      "title": "drm/meson: fix shutdown crash when component not probed",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47165",
    "datePublished": "2024-03-25T09:16:18.321Z",
    "dateReserved": "2024-03-25T09:12:14.110Z",
    "dateUpdated": "2024-11-04T12:00:40.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47163

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

tipc: wait and exit until all work queues are done

References

▼	URL	Tags
	https://git.kernel.org/stable/c/d1f76dfadaf8f47ed1753f97dbcbd41c16215ffa
	https://git.kernel.org/stable/c/5195ec5e365a2a9331bfeb585b613a6e94f98dba
	https://git.kernel.org/stable/c/b9f5b7ad4ac3af006443f535b1ce7bff1d130d7d
	https://git.kernel.org/stable/c/04c26faa51d1e2fe71cf13c45791f5174c37f986

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47163",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-01T19:41:39.688056Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:15:00.578Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1f76dfadaf8f47ed1753f97dbcbd41c16215ffa"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5195ec5e365a2a9331bfeb585b613a6e94f98dba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9f5b7ad4ac3af006443f535b1ce7bff1d130d7d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04c26faa51d1e2fe71cf13c45791f5174c37f986"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/core.c",
            "net/tipc/core.h",
            "net/tipc/udp_media.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d1f76dfadaf8",
              "status": "affected",
              "version": "d0f91938bede",
              "versionType": "git"
            },
            {
              "lessThan": "5195ec5e365a",
              "status": "affected",
              "version": "d0f91938bede",
              "versionType": "git"
            },
            {
              "lessThan": "b9f5b7ad4ac3",
              "status": "affected",
              "version": "d0f91938bede",
              "versionType": "git"
            },
            {
              "lessThan": "04c26faa51d1",
              "status": "affected",
              "version": "d0f91938bede",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/tipc/core.c",
            "net/tipc/core.h",
            "net/tipc/udp_media.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.1"
            },
            {
              "lessThan": "4.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.124",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: wait and exit until all work queues are done\n\nOn some host, a crash could be triggered simply by repeating these\ncommands several times:\n\n  # modprobe tipc\n  # tipc bearer enable media udp name UDP1 localip 127.0.0.1\n  # rmmod tipc\n\n  [] BUG: unable to handle kernel paging request at ffffffffc096bb00\n  [] Workqueue: events 0xffffffffc096bb00\n  [] Call Trace:\n  []  ? process_one_work+0x1a7/0x360\n  []  ? worker_thread+0x30/0x390\n  []  ? create_worker+0x1a0/0x1a0\n  []  ? kthread+0x116/0x130\n  []  ? kthread_flush_work_fn+0x10/0x10\n  []  ? ret_from_fork+0x35/0x40\n\nWhen removing the TIPC module, the UDP tunnel sock will be delayed to\nrelease in a work queue as sock_release() can\u0027t be done in rtnl_lock().\nIf the work queue is schedule to run after the TIPC module is removed,\nkernel will crash as the work queue function cleanup_beareri() code no\nlonger exists when trying to invoke it.\n\nTo fix it, this patch introduce a member wq_count in tipc_net to track\nthe numbers of work queues in schedule, and  wait and exit until all\nwork queues are done in tipc_exit_net()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:38.100Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d1f76dfadaf8f47ed1753f97dbcbd41c16215ffa"
        },
        {
          "url": "https://git.kernel.org/stable/c/5195ec5e365a2a9331bfeb585b613a6e94f98dba"
        },
        {
          "url": "https://git.kernel.org/stable/c/b9f5b7ad4ac3af006443f535b1ce7bff1d130d7d"
        },
        {
          "url": "https://git.kernel.org/stable/c/04c26faa51d1e2fe71cf13c45791f5174c37f986"
        }
      ],
      "title": "tipc: wait and exit until all work queues are done",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47163",
    "datePublished": "2024-03-25T09:16:16.676Z",
    "dateReserved": "2024-03-25T09:12:14.109Z",
    "dateUpdated": "2024-11-04T12:00:38.100Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-47176

Vulnerability from cvelistv5

Published

2024-03-25 09:16

Modified

2024-11-04 12:00

Severity ?

Summary

s390/dasd: add missing discipline function

References

▼	URL	Tags
	https://git.kernel.org/stable/c/6a16810068e70959bc1df686424aa35ce05578f1
	https://git.kernel.org/stable/c/aa8579bc084673c651204f7cd0d6308a47dffc16
	https://git.kernel.org/stable/c/a16be88a3d7e5efcb59a15edea87a8bd369630c6
	https://git.kernel.org/stable/c/c0c8a8397fa8a74d04915f4d3d28cb4a5d401427

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47176",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-25T18:12:45.015543Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:47.029Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.950Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6a16810068e70959bc1df686424aa35ce05578f1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa8579bc084673c651204f7cd0d6308a47dffc16"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a16be88a3d7e5efcb59a15edea87a8bd369630c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c0c8a8397fa8a74d04915f4d3d28cb4a5d401427"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/s390/block/dasd_diag.c",
            "drivers/s390/block/dasd_fba.c",
            "drivers/s390/block/dasd_int.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6a16810068e7",
              "status": "affected",
              "version": "8bc5a76268fb",
              "versionType": "git"
            },
            {
              "lessThan": "aa8579bc0846",
              "status": "affected",
              "version": "72aebdac390b",
              "versionType": "git"
            },
            {
              "lessThan": "a16be88a3d7e",
              "status": "affected",
              "version": "b72949328869",
              "versionType": "git"
            },
            {
              "lessThan": "c0c8a8397fa8",
              "status": "affected",
              "version": "b72949328869",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/s390/block/dasd_diag.c",
            "drivers/s390/block/dasd_fba.c",
            "drivers/s390/block/dasd_int.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.237",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: add missing discipline function\n\nFix crash with illegal operation exception in dasd_device_tasklet.\nCommit b72949328869 (\"s390/dasd: Prepare for additional path event handling\")\nrenamed the verify_path function for ECKD but not for FBA and DIAG.\nThis leads to a panic when the path verification function is called for a\nFBA or DIAG device.\n\nFix by defining a wrapper function for dasd_generic_verify_path()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T12:00:53.282Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6a16810068e70959bc1df686424aa35ce05578f1"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa8579bc084673c651204f7cd0d6308a47dffc16"
        },
        {
          "url": "https://git.kernel.org/stable/c/a16be88a3d7e5efcb59a15edea87a8bd369630c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/c0c8a8397fa8a74d04915f4d3d28cb4a5d401427"
        }
      ],
      "title": "s390/dasd: add missing discipline function",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47176",
    "datePublished": "2024-03-25T09:16:26.731Z",
    "dateReserved": "2024-03-25T09:12:14.112Z",
    "dateUpdated": "2024-11-04T12:00:53.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_certbund

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature