Action not permitted
Modal body text goes here.
wid-sec-w-2024-1235
Vulnerability from csaf_certbund
Published
2024-05-26 22:00
Modified
2024-07-23 22:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder unspezifische Angriffe durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1235 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1235.json" }, { "category": "self", "summary": "WID-SEC-2024-1235 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1235" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47499 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052447-CVE-2021-47499-bf2e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47500 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052450-CVE-2021-47500-3c02@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47501 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052450-CVE-2021-47501-e183@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47502 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47502-8650@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47503 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47503-b1c2@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47504 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47504-2a5d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47505 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47505-427f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47506 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47506-c143@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47507 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47507-e722@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47508 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052453-CVE-2021-47508-1a19@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47509 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052429-CVE-2021-47509-a210@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47510 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052430-CVE-2021-47510-7c3f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47511 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052430-CVE-2021-47511-7bec@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47512 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052430-CVE-2021-47512-4d70@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47513 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052430-CVE-2021-47513-c6d0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47514 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052431-CVE-2021-47514-9975@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47515 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052431-CVE-2021-47515-5c06@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47516 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052431-CVE-2021-47516-29dd@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47517 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052432-CVE-2021-47517-df40@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47518 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052432-CVE-2021-47518-632d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47519 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052432-CVE-2021-47519-ed69@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47520 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052433-CVE-2021-47520-af45@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47521 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052433-CVE-2021-47521-8637@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47522 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052433-CVE-2021-47522-ad59@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47523 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052433-CVE-2021-47523-6f3a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47524 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052434-CVE-2021-47524-7fd0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47525 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052434-CVE-2021-47525-2b58@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47526 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052434-CVE-2021-47526-7f02@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47527 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052435-CVE-2021-47527-e6f5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47528 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052435-CVE-2021-47528-da4e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47529 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052435-CVE-2021-47529-a476@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47530 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052436-CVE-2021-47530-08d5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47531 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052436-CVE-2021-47531-3ab6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47532 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052436-CVE-2021-47532-9eaf@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47533 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052436-CVE-2021-47533-a03a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47534 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052437-CVE-2021-47534-ef5f@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47535 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052437-CVE-2021-47535-41d3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47536 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052437-CVE-2021-47536-fa00@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47537 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052438-CVE-2021-47537-015c@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47538 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052438-CVE-2021-47538-5639@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47539 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052438-CVE-2021-47539-f0a6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47540 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052439-CVE-2021-47540-3bea@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47541 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052439-CVE-2021-47541-c3da@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47542 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052439-CVE-2021-47542-125d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47543 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052439-CVE-2021-47543-a01a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47544 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47544-ceb5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47545 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47545-0f72@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47546 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052440-CVE-2021-47546-f25b@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47547 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47547-f3e7@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47548 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47548-e9c0@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47549 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052441-CVE-2021-47549-5aac@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47550 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052442-CVE-2021-47550-a5e1@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47551 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052442-CVE-2021-47551-0318@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47552 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052442-CVE-2021-47552-99f3@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47553 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052442-CVE-2021-47553-1026@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47554 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47554-f8a6@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47555 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47555-3043@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47556 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052443-CVE-2021-47556-558e@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47557 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052444-CVE-2021-47557-bc88@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47558 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052444-CVE-2021-47558-d713@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47559 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052450-CVE-2021-47559-9909@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47560 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47560-4a52@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47561 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47561-4a07@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47562 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052451-CVE-2021-47562-52ec@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47563 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47563-008a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47564 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47564-2e3b@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47565 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052452-CVE-2021-47565-5f60@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47566 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052453-CVE-2021-47566-12b8@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47567 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052453-CVE-2021-47567-b955@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47568 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052453-CVE-2021-47568-bf15@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47569 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052453-CVE-2021-47569-2d3a@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47570 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052454-CVE-2021-47570-573d@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47571 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052454-CVE-2021-47571-05b5@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2021-47572 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052454-CVE-2021-47572-50bc@gregkh/T/" }, { "category": "external", "summary": "Linux CVE Announcement CVE-2023-52880 vom 2024-05-26", "url": "https://lore.kernel.org/linux-cve-announce/2024052422-CVE-2023-52880-d2ff@gregkh/T/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1979-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018685.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1978-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018686.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:1983-1 vom 2024-06-11", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018700.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2011-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018710.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2008-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018706.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2010-1 vom 2024-06-12", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018711.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2184-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018807.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2183-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018808.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2185-1 vom 2024-06-24", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018809.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2189-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018811.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2190-1 vom 2024-06-25", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018819.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3842 vom 2024-06-25", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3840 vom 2024-06-27", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2365-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018897.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2372-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018901.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2362-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018905.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2360-1 vom 2024-07-09", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018907.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2381-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018916.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2385-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018920.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2384-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018921.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2394-1 vom 2024-07-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018922.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4533 vom 2024-07-15", "url": "https://access.redhat.com/errata/RHSA-2024:4533" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6896-1 vom 2024-07-12", "url": "https://ubuntu.com/security/notices/USN-6896-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6895-1 vom 2024-07-12", "url": "https://ubuntu.com/security/notices/USN-6895-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-1 vom 2024-07-15", "url": "https://ubuntu.com/security/notices/USN-6898-1" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4554 vom 2024-07-16", "url": "https://access.redhat.com/errata/RHSA-2024:4554" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6895-2 vom 2024-07-16", "url": "https://ubuntu.com/security/notices/USN-6895-2" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2495-1 vom 2024-07-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2493-1 vom 2024-07-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018984.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4583 vom 2024-07-17", "url": "https://access.redhat.com/errata/RHSA-2024:4583" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6896-2 vom 2024-07-16", "url": "https://ubuntu.com/security/notices/USN-6896-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6900-1 vom 2024-07-17", "url": "https://ubuntu.com/security/notices/USN-6900-1" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-2 vom 2024-07-17", "url": "https://ubuntu.com/security/notices/USN-6898-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6896-3 vom 2024-07-17", "url": "https://ubuntu.com/security/notices/USN-6896-3" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-4583 vom 2024-07-19", "url": "https://linux.oracle.com/errata/ELSA-2024-4583.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2561-1 vom 2024-07-18", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019001.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6895-3 vom 2024-07-19", "url": "https://ubuntu.com/security/notices/USN-6895-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-3 vom 2024-07-19", "url": "https://ubuntu.com/security/notices/USN-6898-3" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6896-4 vom 2024-07-19", "url": "https://ubuntu.com/security/notices/USN-6896-4" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:2571-1 vom 2024-07-22", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019019.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6896-5 vom 2024-07-23", "url": "https://ubuntu.com/security/notices/USN-6896-5" }, { "category": "external", "summary": "Ubuntu Security Notice USN-6898-4 vom 2024-07-23", "url": "https://ubuntu.com/security/notices/USN-6898-4" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:4740 vom 2024-07-24", "url": "https://access.redhat.com/errata/RHSA-2024:4740" } ], "source_lang": "en-US", "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service und unspezifische Angriffe", "tracking": { "current_release_date": "2024-07-23T22:00:00.000+00:00", "generator": { "date": "2024-07-24T09:08:16.928+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1235", "initial_release_date": "2024-05-26T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-26T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-06-10T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-11T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-12T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-24T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-25T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE und Debian aufgenommen" }, { "date": "2024-06-27T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2024-07-09T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-10T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-14T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen" }, { "date": "2024-07-15T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Ubuntu und Red Hat aufgenommen" }, { "date": "2024-07-16T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Red Hat und Ubuntu aufgenommen" }, { "date": "2024-07-17T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2024-07-18T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Oracle Linux und SUSE aufgenommen" }, { "date": "2024-07-22T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-07-23T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "16" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Open Source Linux Kernel", "product": { "name": "Open Source Linux Kernel", "product_id": "T035064", "product_identification_helper": { "cpe": "cpe:/o:linux:linux_kernel:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-47499", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47499" }, { "cve": "CVE-2021-47500", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47500" }, { "cve": "CVE-2021-47501", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47501" }, { "cve": "CVE-2021-47502", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47502" }, { "cve": "CVE-2021-47503", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47503" }, { "cve": "CVE-2021-47504", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47504" }, { "cve": "CVE-2021-47505", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47505" }, { "cve": "CVE-2021-47506", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47506" }, { "cve": "CVE-2021-47507", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47507" }, { "cve": "CVE-2021-47508", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47508" }, { "cve": "CVE-2021-47509", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47509" }, { "cve": "CVE-2021-47510", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47510" }, { "cve": "CVE-2021-47511", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47511" }, { "cve": "CVE-2021-47512", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47512" }, { "cve": "CVE-2021-47513", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47513" }, { "cve": "CVE-2021-47514", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47514" }, { "cve": "CVE-2021-47515", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47515" }, { "cve": "CVE-2021-47516", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47516" }, { "cve": "CVE-2021-47517", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47517" }, { "cve": "CVE-2021-47518", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47518" }, { "cve": "CVE-2021-47519", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47519" }, { "cve": "CVE-2021-47520", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47520" }, { "cve": "CVE-2021-47521", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47521" }, { "cve": "CVE-2021-47522", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47522" }, { "cve": "CVE-2021-47523", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47523" }, { "cve": "CVE-2021-47524", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47524" }, { "cve": "CVE-2021-47525", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47525" }, { "cve": "CVE-2021-47526", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47526" }, { "cve": "CVE-2021-47527", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47527" }, { "cve": "CVE-2021-47528", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47528" }, { "cve": "CVE-2021-47529", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47529" }, { "cve": "CVE-2021-47530", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47530" }, { "cve": "CVE-2021-47531", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47531" }, { "cve": "CVE-2021-47532", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47532" }, { "cve": "CVE-2021-47533", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47533" }, { "cve": "CVE-2021-47534", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47534" }, { "cve": "CVE-2021-47535", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47535" }, { "cve": "CVE-2021-47536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47536" }, { "cve": "CVE-2021-47537", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47537" }, { "cve": "CVE-2021-47538", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47538" }, { "cve": "CVE-2021-47539", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47539" }, { "cve": "CVE-2021-47540", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47540" }, { "cve": "CVE-2021-47541", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47541" }, { "cve": "CVE-2021-47542", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47542" }, { "cve": "CVE-2021-47543", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47543" }, { "cve": "CVE-2021-47544", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47544" }, { "cve": "CVE-2021-47545", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47545" }, { "cve": "CVE-2021-47546", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47546" }, { "cve": "CVE-2021-47547", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47547" }, { "cve": "CVE-2021-47548", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47548" }, { "cve": "CVE-2021-47549", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47549" }, { "cve": "CVE-2021-47550", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47550" }, { "cve": "CVE-2021-47551", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47551" }, { "cve": "CVE-2021-47552", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47552" }, { "cve": "CVE-2021-47553", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47553" }, { "cve": "CVE-2021-47554", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47554" }, { "cve": "CVE-2021-47555", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47555" }, { "cve": "CVE-2021-47556", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47556" }, { "cve": "CVE-2021-47557", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47557" }, { "cve": "CVE-2021-47558", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47558" }, { "cve": "CVE-2021-47559", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47559" }, { "cve": "CVE-2021-47560", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47560" }, { "cve": "CVE-2021-47561", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47561" }, { "cve": "CVE-2021-47562", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47562" }, { "cve": "CVE-2021-47563", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47563" }, { "cve": "CVE-2021-47564", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47564" }, { "cve": "CVE-2021-47565", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47565" }, { "cve": "CVE-2021-47566", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47566" }, { "cve": "CVE-2021-47567", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47567" }, { "cve": "CVE-2021-47568", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47568" }, { "cve": "CVE-2021-47569", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47569" }, { "cve": "CVE-2021-47570", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47570" }, { "cve": "CVE-2021-47571", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47571" }, { "cve": "CVE-2021-47572", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2021-47572" }, { "cve": "CVE-2023-52880", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen im Linux-Kernel. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie scsi, ethtool oder HID, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Use-after-free, einem Speicherleck oder einer NULL- Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren oder einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T035064", "T004914" ] }, "release_date": "2024-05-26T22:00:00Z", "title": "CVE-2023-52880" } ] }
cve-2021-47546
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
ipv6: fix memory leak in fib6_rule_suppress
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47546", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:34:31.593424Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:34:48.850Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ee38eb8cf9a7323884c2b8e0adbbeb2192d31e29" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/209d35ee34e25f9668c404350a1c86d914c54ffa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8ef8a76a340ebdb2c2eea3f6fb0ebbed09a16383" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cdef485217d30382f3bf6448c54b4401648fe3f1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/net/fib_rules.h", "net/core/fib_rules.c", "net/ipv4/fib_rules.c", "net/ipv6/fib6_rules.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ee38eb8cf9a7", "status": "affected", "version": "ca7a03c41753", "versionType": "git" }, { "lessThan": "209d35ee34e2", "status": "affected", "version": "ca7a03c41753", "versionType": "git" }, { "lessThan": "8ef8a76a340e", "status": "affected", "version": "ca7a03c41753", "versionType": "git" }, { "lessThan": "cdef485217d3", "status": "affected", "version": "ca7a03c41753", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/net/fib_rules.h", "net/core/fib_rules.c", "net/ipv4/fib_rules.c", "net/ipv6/fib6_rules.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix memory leak in fib6_rule_suppress\n\nThe kernel leaks memory when a `fib` rule is present in IPv6 nftables\nfirewall rules and a suppress_prefix rule is present in the IPv6 routing\nrules (used by certain tools such as wg-quick). In such scenarios, every\nincoming packet will leak an allocation in `ip6_dst_cache` slab cache.\n\nAfter some hours of `bpftrace`-ing and source code reading, I tracked\ndown the issue to ca7a03c41753 (\"ipv6: do not free rt if\nFIB_LOOKUP_NOREF is set on suppress rule\").\n\nThe problem with that change is that the generic `args-\u003eflags` always have\n`FIB_LOOKUP_NOREF` set[1][2] but the IPv6-specific flag\n`RT6_LOOKUP_F_DST_NOREF` might not be, leading to `fib6_rule_suppress` not\ndecreasing the refcount when needed.\n\nHow to reproduce:\n - Add the following nftables rule to a prerouting chain:\n meta nfproto ipv6 fib saddr . mark . iif oif missing drop\n This can be done with:\n sudo nft create table inet test\n sudo nft create chain inet test test_chain \u0027{ type filter hook prerouting priority filter + 10; policy accept; }\u0027\n sudo nft add rule inet test test_chain meta nfproto ipv6 fib saddr . mark . iif oif missing drop\n - Run:\n sudo ip -6 rule add table main suppress_prefixlength 0\n - Watch `sudo slabtop -o | grep ip6_dst_cache` to see memory usage increase\n with every incoming ipv6 packet.\n\nThis patch exposes the protocol-specific flags to the protocol\nspecific `suppress` function, and check the protocol-specific `flags`\nargument for RT6_LOOKUP_F_DST_NOREF instead of the generic\nFIB_LOOKUP_NOREF when decreasing the refcount, like this.\n\n[1]: https://github.com/torvalds/linux/blob/ca7a03c4175366a92cee0ccc4fec0038c3266e26/net/ipv6/fib6_rules.c#L71\n[2]: https://github.com/torvalds/linux/blob/ca7a03c4175366a92cee0ccc4fec0038c3266e26/net/ipv6/fib6_rules.c#L99" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:59.220Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ee38eb8cf9a7323884c2b8e0adbbeb2192d31e29" }, { "url": "https://git.kernel.org/stable/c/209d35ee34e25f9668c404350a1c86d914c54ffa" }, { "url": "https://git.kernel.org/stable/c/8ef8a76a340ebdb2c2eea3f6fb0ebbed09a16383" }, { "url": "https://git.kernel.org/stable/c/cdef485217d30382f3bf6448c54b4401648fe3f1" } ], "title": "ipv6: fix memory leak in fib6_rule_suppress", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47546", "datePublished": "2024-05-24T15:09:51.286Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T12:07:59.220Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47572
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
net: nexthop: fix null pointer dereference when IPv6 is not enabled
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.779Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47572", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:07.855330Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:19.470Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/ipv4/nexthop.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7b6f44856da5", "status": "affected", "version": "53010f991a9f", "versionType": "git" }, { "lessThan": "b70ff391deee", "status": "affected", "version": "53010f991a9f", "versionType": "git" }, { "lessThan": "39509d76a9a3", "status": "affected", "version": "53010f991a9f", "versionType": "git" }, { "lessThan": "1c743127cc54", "status": "affected", "version": "53010f991a9f", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/ipv4/nexthop.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.3" }, { "lessThan": "5.3", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.163", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: fix null pointer dereference when IPv6 is not enabled\n\nWhen we try to add an IPv6 nexthop and IPv6 is not enabled\n(!CONFIG_IPV6) we\u0027ll hit a NULL pointer dereference[1] in the error path\nof nh_create_ipv6() due to calling ipv6_stub-\u003efib6_nh_release. The bug\nhas been present since the beginning of IPv6 nexthop gateway support.\nCommit 1aefd3de7bc6 (\"ipv6: Add fib6_nh_init and release to stubs\") tells\nus that only fib6_nh_init has a dummy stub because fib6_nh_release should\nnot be called if fib6_nh_init returns an error, but the commit below added\na call to ipv6_stub-\u003efib6_nh_release in its error path. To fix it return\nthe dummy stub\u0027s -EAFNOSUPPORT error directly without calling\nipv6_stub-\u003efib6_nh_release in nh_create_ipv6()\u0027s error path.\n\n[1]\n Output is a bit truncated, but it clearly shows the error.\n BUG: kernel NULL pointer dereference, address: 000000000000000000\n #PF: supervisor instruction fetch in kernel modede\n #PF: error_code(0x0010) - not-present pagege\n PGD 0 P4D 0\n Oops: 0010 [#1] PREEMPT SMP NOPTI\n CPU: 4 PID: 638 Comm: ip Kdump: loaded Not tainted 5.16.0-rc1+ #446\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\n RIP: 0010:0x0\n Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n RSP: 0018:ffff888109f5b8f0 EFLAGS: 00010286^Ac\n RAX: 0000000000000000 RBX: ffff888109f5ba28 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8881008a2860\n RBP: ffff888109f5b9d8 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff888109f5b978 R11: ffff888109f5b948 R12: 00000000ffffff9f\n R13: ffff8881008a2a80 R14: ffff8881008a2860 R15: ffff8881008a2840\n FS: 00007f98de70f100(0000) GS:ffff88822bf00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffffffffffd6 CR3: 0000000100efc000 CR4: 00000000000006e0\n Call Trace:\n \u003cTASK\u003e\n nh_create_ipv6+0xed/0x10c\n rtm_new_nexthop+0x6d7/0x13f3\n ? check_preemption_disabled+0x3d/0xf2\n ? lock_is_held_type+0xbe/0xfd\n rtnetlink_rcv_msg+0x23f/0x26a\n ? check_preemption_disabled+0x3d/0xf2\n ? rtnl_calcit.isra.0+0x147/0x147\n netlink_rcv_skb+0x61/0xb2\n netlink_unicast+0x100/0x187\n netlink_sendmsg+0x37f/0x3a0\n ? netlink_unicast+0x187/0x187\n sock_sendmsg_nosec+0x67/0x9b\n ____sys_sendmsg+0x19d/0x1f9\n ? copy_msghdr_from_user+0x4c/0x5e\n ? rcu_read_lock_any_held+0x2a/0x78\n ___sys_sendmsg+0x6c/0x8c\n ? asm_sysvec_apic_timer_interrupt+0x12/0x20\n ? lockdep_hardirqs_on+0xd9/0x102\n ? sockfd_lookup_light+0x69/0x99\n __sys_sendmsg+0x50/0x6e\n do_syscall_64+0xcb/0xf2\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f98dea28914\n Code: 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 48 8d 05 e9 5d 0c 00 8b 00 85 c0 75 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 41 54 41 89 d4 55 48 89 f5 53\n RSP: 002b:00007fff859f5e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e2e\n RAX: ffffffffffffffda RBX: 00000000619cb810 RCX: 00007f98dea28914\n RDX: 0000000000000000 RSI: 00007fff859f5ed0 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000008\n R10: fffffffffffffce6 R11: 0000000000000246 R12: 0000000000000001\n R13: 000055c0097ae520 R14: 000055c0097957fd R15: 00007fff859f63a0\n \u003c/TASK\u003e\n Modules linked in: bridge stp llc bonding virtio_net" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:28.404Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7b6f44856da5ba0b1aa61403eb9fddd272156503" }, { "url": "https://git.kernel.org/stable/c/b70ff391deeec35cdd8a05f5f63f5fe28bc4f225" }, { "url": "https://git.kernel.org/stable/c/39509d76a9a3d02f379d52cb4b1449469c56c0e0" }, { "url": "https://git.kernel.org/stable/c/1c743127cc54b112b155f434756bd4b5fa565a99" } ], "title": "net: nexthop: fix null pointer dereference when IPv6 is not enabled", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47572", "datePublished": "2024-05-24T15:12:58.397Z", "dateReserved": "2024-05-24T15:11:00.729Z", "dateUpdated": "2024-11-04T12:08:28.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47536
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
net/smc: fix wrong list_del in smc_lgr_cleanup_early
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47536", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:18:35.309729Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:10.859Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77731fede297a23d26f2d169b4269466b2c82529" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/95518fe354d712dca6f431cf2a11b8f63bc9a66c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/789b6cc2a5f9123b9c549b886fdc47c865cfe0ba" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/smc/smc_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "77731fede297", "status": "affected", "version": "a0a62ee15a82", "versionType": "git" }, { "lessThan": "95518fe354d7", "status": "affected", "version": "a0a62ee15a82", "versionType": "git" }, { "lessThan": "789b6cc2a5f9", "status": "affected", "version": "a0a62ee15a82", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/smc/smc_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.5" }, { "lessThan": "5.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix wrong list_del in smc_lgr_cleanup_early\n\nsmc_lgr_cleanup_early() meant to delete the link\ngroup from the link group list, but it deleted\nthe list head by mistake.\n\nThis may cause memory corruption since we didn\u0027t\nremove the real link group from the list and later\nmemseted the link group structure.\nWe got a list corruption panic when testing:\n\n[ \u00a0231.277259] list_del corruption. prev-\u003enext should be ffff8881398a8000, but was 0000000000000000\n[ \u00a0231.278222] ------------[ cut here ]------------\n[ \u00a0231.278726] kernel BUG at lib/list_debug.c:53!\n[ \u00a0231.279326] invalid opcode: 0000 [#1] SMP NOPTI\n[ \u00a0231.279803] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.46+ #435\n[ \u00a0231.280466] Hardware name: Alibaba Cloud ECS, BIOS 8c24b4c 04/01/2014\n[ \u00a0231.281248] Workqueue: events smc_link_down_work\n[ \u00a0231.281732] RIP: 0010:__list_del_entry_valid+0x70/0x90\n[ \u00a0231.282258] Code: 4c 60 82 e8 7d cc 6a 00 0f 0b 48 89 fe 48 c7 c7 88 4c\n60 82 e8 6c cc 6a 00 0f 0b 48 89 fe 48 c7 c7 c0 4c 60 82 e8 5b cc 6a 00 \u003c0f\u003e\n0b 48 89 fe 48 c7 c7 00 4d 60 82 e8 4a cc 6a 00 0f 0b cc cc cc\n[ \u00a0231.284146] RSP: 0018:ffffc90000033d58 EFLAGS: 00010292\n[ \u00a0231.284685] RAX: 0000000000000054 RBX: ffff8881398a8000 RCX: 0000000000000000\n[ \u00a0231.285415] RDX: 0000000000000001 RSI: ffff88813bc18040 RDI: ffff88813bc18040\n[ \u00a0231.286141] RBP: ffffffff8305ad40 R08: 0000000000000003 R09: 0000000000000001\n[ \u00a0231.286873] R10: ffffffff82803da0 R11: ffffc90000033b90 R12: 0000000000000001\n[ \u00a0231.287606] R13: 0000000000000000 R14: ffff8881398a8000 R15: 0000000000000003\n[ \u00a0231.288337] FS: \u00a00000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n[ \u00a0231.289160] CS: \u00a00010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ \u00a0231.289754] CR2: 0000000000e72058 CR3: 000000010fa96006 CR4: 00000000003706f0\n[ \u00a0231.290485] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ \u00a0231.291211] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ \u00a0231.291940] Call Trace:\n[ \u00a0231.292211] \u00a0smc_lgr_terminate_sched+0x53/0xa0\n[ \u00a0231.292677] \u00a0smc_switch_conns+0x75/0x6b0\n[ \u00a0231.293085] \u00a0? update_load_avg+0x1a6/0x590\n[ \u00a0231.293517] \u00a0? ttwu_do_wakeup+0x17/0x150\n[ \u00a0231.293907] \u00a0? update_load_avg+0x1a6/0x590\n[ \u00a0231.294317] \u00a0? newidle_balance+0xca/0x3d0\n[ \u00a0231.294716] \u00a0smcr_link_down+0x50/0x1a0\n[ \u00a0231.295090] \u00a0? __wake_up_common_lock+0x77/0x90\n[ \u00a0231.295534] \u00a0smc_link_down_work+0x46/0x60\n[ \u00a0231.295933] \u00a0process_one_work+0x18b/0x350" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:49.836Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/77731fede297a23d26f2d169b4269466b2c82529" }, { "url": "https://git.kernel.org/stable/c/95518fe354d712dca6f431cf2a11b8f63bc9a66c" }, { "url": "https://git.kernel.org/stable/c/789b6cc2a5f9123b9c549b886fdc47c865cfe0ba" } ], "title": "net/smc: fix wrong list_del in smc_lgr_cleanup_early", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47536", "datePublished": "2024-05-24T15:09:44.651Z", "dateReserved": "2024-05-24T15:02:54.827Z", "dateUpdated": "2024-11-04T12:07:49.836Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47510
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
btrfs: fix re-dirty process of tree-log nodes
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.687Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/477675049ca803aa95ff77468ffbddd966b415b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/84c25448929942edacba905cecc0474e91114e7a" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47510", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:36.503255Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:52.488Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/btrfs/tree-log.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "477675049ca8", "status": "affected", "version": "d3575156f662", "versionType": "git" }, { "lessThan": "84c254489299", "status": "affected", "version": "d3575156f662", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/btrfs/tree-log.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix re-dirty process of tree-log nodes\n\nThere is a report of a transaction abort of -EAGAIN with the following\nscript.\n\n #!/bin/sh\n\n for d in sda sdb; do\n mkfs.btrfs -d single -m single -f /dev/\\${d}\n done\n\n mount /dev/sda /mnt/test\n mount /dev/sdb /mnt/scratch\n\n for dir in test scratch; do\n echo 3 \u003e/proc/sys/vm/drop_caches\n fio --directory=/mnt/\\${dir} --name=fio.\\${dir} --rw=read --size=50G --bs=64m \\\n --numjobs=$(nproc) --time_based --ramp_time=5 --runtime=480 \\\n --group_reporting |\u0026 tee /dev/shm/fio.\\${dir}\n echo 3 \u003e/proc/sys/vm/drop_caches\n done\n\n for d in sda sdb; do\n umount /dev/\\${d}\n done\n\nThe stack trace is shown in below.\n\n [3310.967991] BTRFS: error (device sda) in btrfs_commit_transaction:2341: errno=-11 unknown (Error while writing out transaction)\n [3310.968060] BTRFS info (device sda): forced readonly\n [3310.968064] BTRFS warning (device sda): Skipping commit of aborted transaction.\n [3310.968065] ------------[ cut here ]------------\n [3310.968066] BTRFS: Transaction aborted (error -11)\n [3310.968074] WARNING: CPU: 14 PID: 1684 at fs/btrfs/transaction.c:1946 btrfs_commit_transaction.cold+0x209/0x2c8\n [3310.968131] CPU: 14 PID: 1684 Comm: fio Not tainted 5.14.10-300.fc35.x86_64 #1\n [3310.968135] Hardware name: DIAWAY Tartu/Tartu, BIOS V2.01.B10 04/08/2021\n [3310.968137] RIP: 0010:btrfs_commit_transaction.cold+0x209/0x2c8\n [3310.968144] RSP: 0018:ffffb284ce393e10 EFLAGS: 00010282\n [3310.968147] RAX: 0000000000000026 RBX: ffff973f147b0f60 RCX: 0000000000000027\n [3310.968149] RDX: ffff974ecf098a08 RSI: 0000000000000001 RDI: ffff974ecf098a00\n [3310.968150] RBP: ffff973f147b0f08 R08: 0000000000000000 R09: ffffb284ce393c48\n [3310.968151] R10: ffffb284ce393c40 R11: ffffffff84f47468 R12: ffff973f101bfc00\n [3310.968153] R13: ffff971f20cf2000 R14: 00000000fffffff5 R15: ffff973f147b0e58\n [3310.968154] FS: 00007efe65468740(0000) GS:ffff974ecf080000(0000) knlGS:0000000000000000\n [3310.968157] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [3310.968158] CR2: 000055691bcbe260 CR3: 000000105cfa4001 CR4: 0000000000770ee0\n [3310.968160] PKRU: 55555554\n [3310.968161] Call Trace:\n [3310.968167] ? dput+0xd4/0x300\n [3310.968174] btrfs_sync_file+0x3f1/0x490\n [3310.968180] __x64_sys_fsync+0x33/0x60\n [3310.968185] do_syscall_64+0x3b/0x90\n [3310.968190] entry_SYSCALL_64_after_hwframe+0x44/0xae\n [3310.968194] RIP: 0033:0x7efe6557329b\n [3310.968200] RSP: 002b:00007ffe0236ebc0 EFLAGS: 00000293 ORIG_RAX: 000000000000004a\n [3310.968203] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efe6557329b\n [3310.968204] RDX: 0000000000000000 RSI: 00007efe58d77010 RDI: 0000000000000006\n [3310.968205] RBP: 0000000004000000 R08: 0000000000000000 R09: 00007efe58d77010\n [3310.968207] R10: 0000000016cacc0c R11: 0000000000000293 R12: 00007efe5ce95980\n [3310.968208] R13: 0000000000000000 R14: 00007efe6447c790 R15: 0000000c80000000\n [3310.968212] ---[ end trace 1a346f4d3c0d96ba ]---\n [3310.968214] BTRFS: error (device sda) in cleanup_transaction:1946: errno=-11 unknown\n\nThe abort occurs because of a write hole while writing out freeing tree\nnodes of a tree-log tree. For zoned btrfs, we re-dirty a freed tree\nnode to ensure btrfs can write the region and does not leave a hole on\nwrite on a zoned device. The current code fails to re-dirty a node\nwhen the tree-log tree\u0027s depth is greater or equal to 2. That leads to\na transaction abort with -EAGAIN.\n\nFix the issue by properly re-dirtying a node on walking up the tree." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:19.466Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/477675049ca803aa95ff77468ffbddd966b415b0" }, { "url": "https://git.kernel.org/stable/c/84c25448929942edacba905cecc0474e91114e7a" } ], "title": "btrfs: fix re-dirty process of tree-log nodes", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47510", "datePublished": "2024-05-24T15:09:26.019Z", "dateReserved": "2024-05-24T15:02:54.823Z", "dateUpdated": "2024-11-04T12:07:19.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47549
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47549", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:51:57.611443Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:52:23.946Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.798Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cdcd80292106df5cda325426e96495503e41f947" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/91ba94d3f7afca195b224f77a72044fbde1389ce" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/325ea49fc43cbc03a5e1e37de8f0ca6357ced4b1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0769449b0a5eabc3545337217ae690e46673e73a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77393806c76b6b44f1c44bd957788c8bd9152c45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4a46b2f5dce02539e88a300800812bd24a45e097" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/adf098e2a8a1e1fc075d6a5ba2edd13cf7189082" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c8ad7e8cf29eb55836e7a0215f967746ab2b504" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/ata/sata_fsl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cdcd80292106", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "91ba94d3f7af", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "325ea49fc43c", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "0769449b0a5e", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "77393806c76b", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "4a46b2f5dce0", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "adf098e2a8a1", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" }, { "lessThan": "6c8ad7e8cf29", "status": "affected", "version": "faf0b2e5afe7", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/ata/sata_fsl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.24" }, { "lessThan": "2.6.24", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl\n\nWhen the `rmmod sata_fsl.ko` command is executed in the PPC64 GNU/Linux,\na bug is reported:\n ==================================================================\n BUG: Unable to handle kernel data access on read at 0x80000800805b502c\n Oops: Kernel access of bad area, sig: 11 [#1]\n NIP [c0000000000388a4] .ioread32+0x4/0x20\n LR [80000000000c6034] .sata_fsl_port_stop+0x44/0xe0 [sata_fsl]\n Call Trace:\n .free_irq+0x1c/0x4e0 (unreliable)\n .ata_host_stop+0x74/0xd0 [libata]\n .release_nodes+0x330/0x3f0\n .device_release_driver_internal+0x178/0x2c0\n .driver_detach+0x64/0xd0\n .bus_remove_driver+0x70/0xf0\n .driver_unregister+0x38/0x80\n .platform_driver_unregister+0x14/0x30\n .fsl_sata_driver_exit+0x18/0xa20 [sata_fsl]\n .__se_sys_delete_module+0x1ec/0x2d0\n .system_call_exception+0xfc/0x1f0\n system_call_common+0xf8/0x200\n ==================================================================\n\nThe triggering of the BUG is shown in the following stack:\n\ndriver_detach\n device_release_driver_internal\n __device_release_driver\n drv-\u003eremove(dev) --\u003e platform_drv_remove/platform_remove\n drv-\u003eremove(dev) --\u003e sata_fsl_remove\n iounmap(host_priv-\u003ehcr_base);\t\t\t\u003c---- unmap\n kfree(host_priv); \u003c---- free\n devres_release_all\n release_nodes\n dr-\u003enode.release(dev, dr-\u003edata) --\u003e ata_host_stop\n ap-\u003eops-\u003eport_stop(ap) --\u003e sata_fsl_port_stop\n ioread32(hcr_base + HCONTROL) \u003c---- UAF\n host-\u003eops-\u003ehost_stop(host)\n\nThe iounmap(host_priv-\u003ehcr_base) and kfree(host_priv) functions should\nnot be executed in drv-\u003eremove. These functions should be executed in\nhost_stop after port_stop. Therefore, we move these functions to the\nnew function sata_fsl_host_stop and bind the new function to host_stop." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:02.803Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cdcd80292106df5cda325426e96495503e41f947" }, { "url": "https://git.kernel.org/stable/c/91ba94d3f7afca195b224f77a72044fbde1389ce" }, { "url": "https://git.kernel.org/stable/c/325ea49fc43cbc03a5e1e37de8f0ca6357ced4b1" }, { "url": "https://git.kernel.org/stable/c/0769449b0a5eabc3545337217ae690e46673e73a" }, { "url": "https://git.kernel.org/stable/c/77393806c76b6b44f1c44bd957788c8bd9152c45" }, { "url": "https://git.kernel.org/stable/c/4a46b2f5dce02539e88a300800812bd24a45e097" }, { "url": "https://git.kernel.org/stable/c/adf098e2a8a1e1fc075d6a5ba2edd13cf7189082" }, { "url": "https://git.kernel.org/stable/c/6c8ad7e8cf29eb55836e7a0215f967746ab2b504" } ], "title": "sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47549", "datePublished": "2024-05-24T15:09:53.292Z", "dateReserved": "2024-05-24T15:02:54.831Z", "dateUpdated": "2024-11-04T12:08:02.803Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47550
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
drm/amd/amdgpu: fix potential memleak
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47550", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T20:02:31.331869Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T20:02:53.390Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.851Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c746945fb6bcbe3863c9ea6369c7ef376e38e5eb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75752ada77e0726327adf68018b9f50ae091baeb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/27dfaedc0d321b4ea4e10c53e4679d6911ab17aa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c746945fb6bc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "75752ada77e0", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "27dfaedc0d32", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdgpu/amdgpu_xgmi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: fix potential memleak\n\nIn function amdgpu_get_xgmi_hive, when kobject_init_and_add failed\nThere is a potential memleak if not call kobject_put." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:03.951Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c746945fb6bcbe3863c9ea6369c7ef376e38e5eb" }, { "url": "https://git.kernel.org/stable/c/75752ada77e0726327adf68018b9f50ae091baeb" }, { "url": "https://git.kernel.org/stable/c/27dfaedc0d321b4ea4e10c53e4679d6911ab17aa" } ], "title": "drm/amd/amdgpu: fix potential memleak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47550", "datePublished": "2024-05-24T15:09:53.949Z", "dateReserved": "2024-05-24T15:02:54.831Z", "dateUpdated": "2024-11-04T12:08:03.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47564
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
net: marvell: prestera: fix double free issue on err path
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47564", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T17:03:20.536355Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:02.315Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.796Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/prestera/prestera_switchdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5dca8eff4627", "status": "affected", "version": "e1189d9a5fbe", "versionType": "git" }, { "lessThan": "03e5203d2161", "status": "affected", "version": "e1189d9a5fbe", "versionType": "git" }, { "lessThan": "e8d032507cb7", "status": "affected", "version": "e1189d9a5fbe", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/prestera/prestera_switchdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix double free issue on err path\n\nfix error path handling in prestera_bridge_port_join() that\ncases prestera driver to crash (see below).\n\n Trace:\n Internal error: Oops: 96000044 [#1] SMP\n Modules linked in: prestera_pci prestera uio_pdrv_genirq\n CPU: 1 PID: 881 Comm: ip Not tainted 5.15.0 #1\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : prestera_bridge_destroy+0x2c/0xb0 [prestera]\n lr : prestera_bridge_port_join+0x2cc/0x350 [prestera]\n sp : ffff800011a1b0f0\n ...\n x2 : ffff000109ca6c80 x1 : dead000000000100 x0 : dead000000000122\n Call trace:\n prestera_bridge_destroy+0x2c/0xb0 [prestera]\n prestera_bridge_port_join+0x2cc/0x350 [prestera]\n prestera_netdev_port_event.constprop.0+0x3c4/0x450 [prestera]\n prestera_netdev_event_handler+0xf4/0x110 [prestera]\n raw_notifier_call_chain+0x54/0x80\n call_netdevice_notifiers_info+0x54/0xa0\n __netdev_upper_dev_link+0x19c/0x380" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:19.134Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5dca8eff4627315df98feec09fff9dfe3356325e" }, { "url": "https://git.kernel.org/stable/c/03e5203d2161a00afe4d97d206d2293e40b2f253" }, { "url": "https://git.kernel.org/stable/c/e8d032507cb7912baf1d3e0af54516f823befefd" } ], "title": "net: marvell: prestera: fix double free issue on err path", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47564", "datePublished": "2024-05-24T15:12:52.129Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:19.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47548
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "948968f87476", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "abbd5faa0748", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "dd07f8971b81", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "99bb25cb6753", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "22519eff7df2", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "fc7ffa7f10b9", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "a66998e0fbf2", "status": "affected", "version": "1da177e4c3f4", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.14*", "status": "unaffected", "version": "4.14.257", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.16" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47548", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T14:45:02.339644Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-129", "description": "CWE-129 Improper Validation of Array Index", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-05T14:45:10.947Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.794Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "948968f87476", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "abbd5faa0748", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "dd07f8971b81", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "99bb25cb6753", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "22519eff7df2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "fc7ffa7f10b9", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "a66998e0fbf2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:01.592Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b" }, { "url": "https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1" }, { "url": "https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff" }, { "url": "https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d" }, { "url": "https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803" }, { "url": "https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627" }, { "url": "https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114" } ], "title": "ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47548", "datePublished": "2024-05-24T15:09:52.634Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T12:08:01.592Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47545
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-06-13T14:00:05.274Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47545", "datePublished": "2024-05-24T15:09:50.605Z", "dateRejected": "2024-06-13T14:00:05.274Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-06-13T14:00:05.274Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47504
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
io_uring: ensure task_work gets run as part of cancelations
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47504", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:38:00.409763Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T18:38:32.174Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e12976c0c19ebc14b60046b1348c516a74c25a2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/78a780602075d8b00c98070fa26e389b3b3efa72" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/io_uring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8e12976c0c19", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "78a780602075", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/io_uring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: ensure task_work gets run as part of cancelations\n\nIf we successfully cancel a work item but that work item needs to be\nprocessed through task_work, then we can be sleeping uninterruptibly\nin io_uring_cancel_generic() and never process it. Hence we don\u0027t\nmake forward progress and we end up with an uninterruptible sleep\nwarning.\n\nWhile in there, correct a comment that should be IFF, not IIF." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:12.467Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8e12976c0c19ebc14b60046b1348c516a74c25a2" }, { "url": "https://git.kernel.org/stable/c/78a780602075d8b00c98070fa26e389b3b3efa72" } ], "title": "io_uring: ensure task_work gets run as part of cancelations", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47504", "datePublished": "2024-05-24T15:01:51.013Z", "dateReserved": "2024-05-22T06:20:56.205Z", "dateUpdated": "2024-11-04T12:07:12.467Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47523
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47523", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:17:45.550563Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:34.257Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.792Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2c08271f4ed0e24633b3f81ceff61052b9d45efc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/834d0fb978643eaf09da425de197cc16a7c2761b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60a8b5a1611b4a26de4839ab9c1fc2a9cf3e17c1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/hfi1/init.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2c08271f4ed0", "status": "affected", "version": "46b010d3eeb8", "versionType": "git" }, { "lessThan": "834d0fb97864", "status": "affected", "version": "46b010d3eeb8", "versionType": "git" }, { "lessThan": "60a8b5a1611b", "status": "affected", "version": "46b010d3eeb8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/infiniband/hw/hfi1/init.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.5" }, { "lessThan": "4.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr\n\nThis buffer is currently allocated in hfi1_init():\n\n\tif (reinit)\n\t\tret = init_after_reset(dd);\n\telse\n\t\tret = loadtime_init(dd);\n\tif (ret)\n\t\tgoto done;\n\n\t/* allocate dummy tail memory for all receive contexts */\n\tdd-\u003ercvhdrtail_dummy_kvaddr = dma_alloc_coherent(\u0026dd-\u003epcidev-\u003edev,\n\t\t\t\t\t\t\t sizeof(u64),\n\t\t\t\t\t\t\t \u0026dd-\u003ercvhdrtail_dummy_dma,\n\t\t\t\t\t\t\t GFP_KERNEL);\n\n\tif (!dd-\u003ercvhdrtail_dummy_kvaddr) {\n\t\tdd_dev_err(dd, \"cannot allocate dummy tail memory\\n\");\n\t\tret = -ENOMEM;\n\t\tgoto done;\n\t}\n\nThe reinit triggered path will overwrite the old allocation and leak it.\n\nFix by moving the allocation to hfi1_alloc_devdata() and the deallocation\nto hfi1_free_devdata()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:34.758Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2c08271f4ed0e24633b3f81ceff61052b9d45efc" }, { "url": "https://git.kernel.org/stable/c/834d0fb978643eaf09da425de197cc16a7c2761b" }, { "url": "https://git.kernel.org/stable/c/60a8b5a1611b4a26de4839ab9c1fc2a9cf3e17c1" } ], "title": "IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47523", "datePublished": "2024-05-24T15:09:36.045Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:34.758Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47542
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47542", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T17:04:13.533892Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:29.864Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.608Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3a061d54e260", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "b4f217d6fcc0", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "550658a2d61e", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "57af54a56024", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "bbeb0325a746", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "15fa12c119f8", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "c5ef33c1489b", "status": "affected", "version": "7f9664525f9c", "versionType": "git" }, { "lessThan": "e2dabc4f7e7b", "status": "affected", "version": "7f9664525f9c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.9" }, { "lessThan": "3.9", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()\n\nIn qlcnic_83xx_add_rings(), the indirect function of\nahw-\u003ehw_ops-\u003ealloc_mbx_args will be called to allocate memory for\ncmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(),\nwhich could lead to a NULL pointer dereference on failure of the\nindirect function like qlcnic_83xx_alloc_mbx_args().\n\nFix this bug by adding a check of alloc_mbx_args(), this patch\nimitates the logic of mbx_cmd()\u0027s failure handling.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_QLCNIC=m show no new warnings, and our\nstatic analyzer no longer warns about this code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:56.853Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03" }, { "url": "https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073" }, { "url": "https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45" }, { "url": "https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf" }, { "url": "https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f" }, { "url": "https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105" }, { "url": "https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853" }, { "url": "https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572" } ], "title": "net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47542", "datePublished": "2024-05-24T15:09:48.578Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T12:07:56.853Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47544
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
tcp: fix page frag corruption on page fault
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47544", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T17:06:35.022552Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:09.727Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.619Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c6f340a331fb72e5ac23a083de9c780e132ca3ae" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5a9afcd827cafe14a95c9fcbded2c2d104f18dfc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dacb5d8875cc6cd3a553363b4d6f06760fcbe70c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "include/net/sock.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c6f340a331fb", "status": "affected", "version": "5640f7685831", "versionType": "git" }, { "lessThan": "5a9afcd827ca", "status": "affected", "version": "5640f7685831", "versionType": "git" }, { "lessThan": "dacb5d8875cc", "status": "affected", "version": "5640f7685831", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "include/net/sock.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.7" }, { "lessThan": "3.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:57.998Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c6f340a331fb72e5ac23a083de9c780e132ca3ae" }, { "url": "https://git.kernel.org/stable/c/5a9afcd827cafe14a95c9fcbded2c2d104f18dfc" }, { "url": "https://git.kernel.org/stable/c/dacb5d8875cc6cd3a553363b4d6f06760fcbe70c" } ], "title": "tcp: fix page frag corruption on page fault", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47544", "datePublished": "2024-05-24T15:09:49.895Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T12:07:57.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47501
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47501", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:53:53.614307Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:54:04.855Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.819Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e5b7fb2198abc50058f1a29c395b004f76ab1c83" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/16431e442db248ecd8aa9457cf0a656f1885f56e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/23ec111bf3549aae37140330c31a16abfc172421" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/i40e/i40e_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e5b7fb2198ab", "status": "affected", "version": "02e9c290814c", "versionType": "git" }, { "lessThan": "16431e442db2", "status": "affected", "version": "02e9c290814c", "versionType": "git" }, { "lessThan": "23ec111bf354", "status": "affected", "version": "02e9c290814c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/i40e/i40e_debugfs.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.12" }, { "lessThan": "3.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL pointer dereference in i40e_dbg_dump_desc\n\nWhen trying to dump VFs VSI RX/TX descriptors\nusing debugfs there was a crash\ndue to NULL pointer dereference in i40e_dbg_dump_desc.\nAdded a check to i40e_dbg_dump_desc that checks if\nVSI type is correct for dumping RX/TX descriptors." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:08.982Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e5b7fb2198abc50058f1a29c395b004f76ab1c83" }, { "url": "https://git.kernel.org/stable/c/16431e442db248ecd8aa9457cf0a656f1885f56e" }, { "url": "https://git.kernel.org/stable/c/23ec111bf3549aae37140330c31a16abfc172421" } ], "title": "i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47501", "datePublished": "2024-05-24T15:01:49.040Z", "dateReserved": "2024-05-22T06:20:56.204Z", "dateUpdated": "2024-11-04T12:07:08.982Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47527
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
serial: core: fix transmit-buffer reset and memleak
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47527", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:53:22.735670Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:53:36.137Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.783Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/011f6c92b5bf6e1fbfdedc8b5232f64c1c493206" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e74d9663fd57640fc3394abb5c76fa95b9cc2f2e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1179b168fa3f3a6aae3bd140000455a0e58457db" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c5da8aa441053958594f94254592bb41264bdfbf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e1722acf4f0d4d67b60f57e08ce16f8b66cd4b8f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/64e491c1634b73d3bddc081d08620bdc92ab2c12" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/00de977f9e0aa9760d9a79d1e41ff780f74e3424" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/serial/serial_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "011f6c92b5bf", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "e74d9663fd57", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "1179b168fa3f", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "c5da8aa44105", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "e1722acf4f0d", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "64e491c1634b", "status": "affected", "version": "761ed4a94582", "versionType": "git" }, { "lessThan": "00de977f9e0a", "status": "affected", "version": "761ed4a94582", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/serial/serial_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.9" }, { "lessThan": "4.9", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: core: fix transmit-buffer reset and memleak\n\nCommit 761ed4a94582 (\"tty: serial_core: convert uart_close to use\ntty_port_close\") converted serial core to use tty_port_close() but\nfailed to notice that the transmit buffer still needs to be freed on\nfinal close.\n\nNot freeing the transmit buffer means that the buffer is no longer\ncleared on next open so that any ioctl() waiting for the buffer to drain\nmight wait indefinitely (e.g. on termios changes) or that stale data can\nend up being transmitted in case tx is restarted.\n\nFurthermore, the buffer of any port that has been opened would leak on\ndriver unbind.\n\nNote that the port lock is held when clearing the buffer pointer due to\nthe ldisc race worked around by commit a5ba1d95e46e (\"uart: fix race\nbetween uart_put_char() and uart_shutdown()\").\n\nAlso note that the tty-port shutdown() callback is not called for\nconsole ports so it is not strictly necessary to free the buffer page\nafter releasing the lock (cf. d72402145ace (\"tty/serial: do not free\ntrasnmit buffer page under port lock\"))." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:39.314Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/011f6c92b5bf6e1fbfdedc8b5232f64c1c493206" }, { "url": "https://git.kernel.org/stable/c/e74d9663fd57640fc3394abb5c76fa95b9cc2f2e" }, { "url": "https://git.kernel.org/stable/c/1179b168fa3f3a6aae3bd140000455a0e58457db" }, { "url": "https://git.kernel.org/stable/c/c5da8aa441053958594f94254592bb41264bdfbf" }, { "url": "https://git.kernel.org/stable/c/e1722acf4f0d4d67b60f57e08ce16f8b66cd4b8f" }, { "url": "https://git.kernel.org/stable/c/64e491c1634b73d3bddc081d08620bdc92ab2c12" }, { "url": "https://git.kernel.org/stable/c/00de977f9e0aa9760d9a79d1e41ff780f74e3424" } ], "title": "serial: core: fix transmit-buffer reset and memleak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47527", "datePublished": "2024-05-24T15:09:38.690Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:39.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47529
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
iwlwifi: Fix memory leaks in error handling path
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47529", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:20:42.461449Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:04.983Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.793Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4768935c25403ba96e7a745645df24a51a774b7e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a571bc28326d9f3e13f5f2d9cda2883e0631b0ce" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/intel/iwlwifi/fw/uefi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4768935c2540", "status": "affected", "version": "9dad325f9d57", "versionType": "git" }, { "lessThan": "a571bc28326d", "status": "affected", "version": "9dad325f9d57", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/intel/iwlwifi/fw/uefi.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niwlwifi: Fix memory leaks in error handling path\n\nShould an error occur (invalid TLV len or memory allocation failure), the\nmemory already allocated in \u0027reduce_power_data\u0027 should be freed before\nreturning, otherwise it is leaking." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:41.637Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4768935c25403ba96e7a745645df24a51a774b7e" }, { "url": "https://git.kernel.org/stable/c/a571bc28326d9f3e13f5f2d9cda2883e0631b0ce" } ], "title": "iwlwifi: Fix memory leaks in error handling path", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47529", "datePublished": "2024-05-24T15:09:40.050Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:41.637Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47525
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
serial: liteuart: fix use-after-free and memleak on unbind
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47525", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:21:08.763793Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:59.157Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.831Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/602824cf9aa9db8830ffe5cfb2cd54365cada4fe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/05f929b395dec8957b636ff14e66b277ed022ed9" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "602824cf9aa9", "status": "affected", "version": "1da81e5562fa", "versionType": "git" }, { "lessThan": "05f929b395de", "status": "affected", "version": "1da81e5562fa", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: fix use-after-free and memleak on unbind\n\nDeregister the port when unbinding the driver to prevent it from being\nused after releasing the driver data and leaking memory allocated by\nserial core." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:37.048Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/602824cf9aa9db8830ffe5cfb2cd54365cada4fe" }, { "url": "https://git.kernel.org/stable/c/05f929b395dec8957b636ff14e66b277ed022ed9" } ], "title": "serial: liteuart: fix use-after-free and memleak on unbind", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47525", "datePublished": "2024-05-24T15:09:37.355Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:37.048Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47531
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e2b7fe5e8a4be5e571561d9afcfbd92097288ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3466d9e217b337bf473ee629c608e53f9f3ab786" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47531", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:23.631797Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:21.334Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_gem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8e2b7fe5e8a4", "status": "affected", "version": "510410bfc034", "versionType": "git" }, { "lessThan": "3466d9e217b3", "status": "affected", "version": "510410bfc034", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_gem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix mmap to include VM_IO and VM_DONTDUMP\n\nIn commit 510410bfc034 (\"drm/msm: Implement mmap as GEM object\nfunction\") we switched to a new/cleaner method of doing things. That\u0027s\ngood, but we missed a little bit.\n\nBefore that commit, we used to _first_ run through the\ndrm_gem_mmap_obj() case where `obj-\u003efuncs-\u003emmap()` was NULL. That meant\nthat we ran:\n\n vma-\u003evm_flags |= VM_IO | VM_PFNMAP | VM_DONTEXPAND | VM_DONTDUMP;\n vma-\u003evm_page_prot = pgprot_writecombine(vm_get_page_prot(vma-\u003evm_flags));\n vma-\u003evm_page_prot = pgprot_decrypted(vma-\u003evm_page_prot);\n\n...and _then_ we modified those mappings with our own. Now that\n`obj-\u003efuncs-\u003emmap()` is no longer NULL we don\u0027t run the default\ncode. It looks like the fact that the vm_flags got VM_IO / VM_DONTDUMP\nwas important because we\u0027re now getting crashes on Chromebooks that\nuse ARC++ while logging out. Specifically a crash that looks like this\n(this is on a 5.10 kernel w/ relevant backports but also seen on a\n5.15 kernel):\n\n Unable to handle kernel paging request at virtual address ffffffc008000000\n Mem abort info:\n ESR = 0x96000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=000000008293d000\n [ffffffc008000000] pgd=00000001002b3003, p4d=00000001002b3003,\n pud=00000001002b3003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#1] PREEMPT SMP\n [...]\n CPU: 7 PID: 15734 Comm: crash_dump64 Tainted: G W 5.10.67 #1 [...]\n Hardware name: Qualcomm Technologies, Inc. sc7280 IDP SKU2 platform (DT)\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n pc : __arch_copy_to_user+0xc0/0x30c\n lr : copyout+0xac/0x14c\n [...]\n Call trace:\n __arch_copy_to_user+0xc0/0x30c\n copy_page_to_iter+0x1a0/0x294\n process_vm_rw_core+0x240/0x408\n process_vm_rw+0x110/0x16c\n __arm64_sys_process_vm_readv+0x30/0x3c\n el0_svc_common+0xf8/0x250\n do_el0_svc+0x30/0x80\n el0_svc+0x10/0x1c\n el0_sync_handler+0x78/0x108\n el0_sync+0x184/0x1c0\n Code: f8408423 f80008c3 910020c6 36100082 (b8404423)\n\nLet\u0027s add the two flags back in.\n\nWhile we\u0027re at it, the fact that we aren\u0027t running the default means\nthat we _don\u0027t_ need to clear out VM_PFNMAP, so remove that and save\nan instruction.\n\nNOTE: it was confirmed that VM_IO was the important flag to fix the\nproblem I was seeing, but adding back VM_DONTDUMP seems like a sane\nthing to do so I\u0027m doing that too." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:43.983Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8e2b7fe5e8a4be5e571561d9afcfbd92097288ba" }, { "url": "https://git.kernel.org/stable/c/3466d9e217b337bf473ee629c608e53f9f3ab786" } ], "title": "drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47531", "datePublished": "2024-05-24T15:09:41.360Z", "dateReserved": "2024-05-24T15:02:54.826Z", "dateUpdated": "2024-11-04T12:07:43.983Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47532
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
drm/msm/devfreq: Fix OPP refcnt leak
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47532", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:15:57.265096Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:24.585Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.765Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a4eb55901df1dce8c6944438bbdf57caf08911e2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/59ba1b2b4825342676300f66d785764be3fcb093" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_gpu_devfreq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a4eb55901df1", "status": "affected", "version": "9bc95570175a", "versionType": "git" }, { "lessThan": "59ba1b2b4825", "status": "affected", "version": "9bc95570175a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_gpu_devfreq.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/devfreq: Fix OPP refcnt leak" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:45.169Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a4eb55901df1dce8c6944438bbdf57caf08911e2" }, { "url": "https://git.kernel.org/stable/c/59ba1b2b4825342676300f66d785764be3fcb093" } ], "title": "drm/msm/devfreq: Fix OPP refcnt leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47532", "datePublished": "2024-05-24T15:09:42.027Z", "dateReserved": "2024-05-24T15:02:54.826Z", "dateUpdated": "2024-11-04T12:07:45.169Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47539
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47539", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:53:02.140647Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:53:09.609Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.613Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/35b40f724c4ef0f683d94dab3af9ab38261d782b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bc97458620e38961af9505cc060ad4cf5c9e4af7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca77fba821351190777b236ce749d7c4d353102e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/rxrpc/conn_client.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "35b40f724c4e", "status": "affected", "version": "245500d853e9", "versionType": "git" }, { "lessThan": "bc97458620e3", "status": "affected", "version": "245500d853e9", "versionType": "git" }, { "lessThan": "ca77fba82135", "status": "affected", "version": "245500d853e9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/rxrpc/conn_client.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()\n\nNeed to call rxrpc_put_peer() for bundle candidate before kfree() as it\nholds a ref to rxrpc_peer.\n\n[DH: v2: Changed to abstract out the bundle freeing code into a function]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:53.291Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/35b40f724c4ef0f683d94dab3af9ab38261d782b" }, { "url": "https://git.kernel.org/stable/c/bc97458620e38961af9505cc060ad4cf5c9e4af7" }, { "url": "https://git.kernel.org/stable/c/ca77fba821351190777b236ce749d7c4d353102e" } ], "title": "rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47539", "datePublished": "2024-05-24T15:09:46.609Z", "dateReserved": "2024-05-24T15:02:54.828Z", "dateUpdated": "2024-11-04T12:07:53.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47553
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
sched/scs: Reset task stack state in bringup_cpu()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47553", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T19:56:42.885646Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T19:57:05.890Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.871Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e6ee7abd6bfe559ad9989004b34c320fd638c526" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/229c555260cb9c1ccdab861e16f0410f1718f302" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dce1ca0525bfdc8a69a9343bc714fbc19a2f04b3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "kernel/cpu.c", "kernel/sched/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e6ee7abd6bfe", "status": "affected", "version": "3c51d82d0b78", "versionType": "git" }, { "lessThan": "229c555260cb", "status": "affected", "version": "f1a0a376ca0c", "versionType": "git" }, { "lessThan": "dce1ca0525bf", "status": "affected", "version": "f1a0a376ca0c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "kernel/cpu.c", "kernel/sched/core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.14" }, { "lessThan": "5.14", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/scs: Reset task stack state in bringup_cpu()\n\nTo hot unplug a CPU, the idle task on that CPU calls a few layers of C\ncode before finally leaving the kernel. When KASAN is in use, poisoned\nshadow is left around for each of the active stack frames, and when\nshadow call stacks are in use. When shadow call stacks (SCS) are in use\nthe task\u0027s saved SCS SP is left pointing at an arbitrary point within\nthe task\u0027s shadow call stack.\n\nWhen a CPU is offlined than onlined back into the kernel, this stale\nstate can adversely affect execution. Stale KASAN shadow can alias new\nstackframes and result in bogus KASAN warnings. A stale SCS SP is\neffectively a memory leak, and prevents a portion of the shadow call\nstack being used. Across a number of hotplug cycles the idle task\u0027s\nentire shadow call stack can become unusable.\n\nWe previously fixed the KASAN issue in commit:\n\n e1b77c92981a5222 (\"sched/kasan: remove stale KASAN poison after hotplug\")\n\n... by removing any stale KASAN stack poison immediately prior to\nonlining a CPU.\n\nSubsequently in commit:\n\n f1a0a376ca0c4ef1 (\"sched/core: Initialize the idle task with preemption disabled\")\n\n... the refactoring left the KASAN and SCS cleanup in one-time idle\nthread initialization code rather than something invoked prior to each\nCPU being onlined, breaking both as above.\n\nWe fixed SCS (but not KASAN) in commit:\n\n 63acd42c0d4942f7 (\"sched/scs: Reset the shadow stack when idle_task_exit\")\n\n... but as this runs in the context of the idle task being offlined it\u0027s\npotentially fragile.\n\nTo fix these consistently and more robustly, reset the SCS SP and KASAN\nshadow of a CPU\u0027s idle task immediately before we online that CPU in\nbringup_cpu(). This ensures the idle task always has a consistent state\nwhen it is running, and removes the need to so so when exiting an idle\ntask.\n\nWhenever any thread is created, dup_task_struct() will give the task a\nstack which is free of KASAN shadow, and initialize the task\u0027s SCS SP,\nso there\u0027s no need to specially initialize either for idle thread within\ninit_idle(), as this was only necessary to handle hotplug cycles.\n\nI\u0027ve tested this on arm64 with:\n\n* gcc 11.1.0, defconfig +KASAN_INLINE, KASAN_STACK\n* clang 12.0.0, defconfig +KASAN_INLINE, KASAN_STACK, SHADOW_CALL_STACK\n\n... offlining and onlining CPUS with:\n\n| while true; do\n| for C in /sys/devices/system/cpu/cpu*/online; do\n| echo 0 \u003e $C;\n| echo 1 \u003e $C;\n| done\n| done" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:07.432Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e6ee7abd6bfe559ad9989004b34c320fd638c526" }, { "url": "https://git.kernel.org/stable/c/229c555260cb9c1ccdab861e16f0410f1718f302" }, { "url": "https://git.kernel.org/stable/c/dce1ca0525bfdc8a69a9343bc714fbc19a2f04b3" } ], "title": "sched/scs: Reset task stack state in bringup_cpu()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47553", "datePublished": "2024-05-24T15:09:55.961Z", "dateReserved": "2024-05-24T15:02:54.833Z", "dateUpdated": "2024-11-04T12:08:07.432Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47502
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
ASoC: codecs: wcd934x: handle channel mappping list correctly
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47502", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:19:30.436874Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:49.622Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.770Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1089dac26c6b4b833323ae6c0ceab29fb30ede72" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/339ffb5b56005582aacc860524d2d208604049d1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/23ba28616d3063bd4c4953598ed5e439ca891101" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/soc/codecs/wcd934x.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1089dac26c6b", "status": "affected", "version": "a70d9245759a", "versionType": "git" }, { "lessThan": "339ffb5b5600", "status": "affected", "version": "a70d9245759a", "versionType": "git" }, { "lessThan": "23ba28616d30", "status": "affected", "version": "a70d9245759a", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/soc/codecs/wcd934x.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd934x: handle channel mappping list correctly\n\nCurrently each channel is added as list to dai channel list, however\nthere is danger of adding same channel to multiple dai channel list\nwhich endups corrupting the other list where its already added.\n\nThis patch ensures that the channel is actually free before adding to\nthe dai channel list and also ensures that the channel is on the list\nbefore deleting it.\n\nThis check was missing previously, and we did not hit this issue as\nwe were testing very simple usecases with sequence of amixer commands." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:10.120Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1089dac26c6b4b833323ae6c0ceab29fb30ede72" }, { "url": "https://git.kernel.org/stable/c/339ffb5b56005582aacc860524d2d208604049d1" }, { "url": "https://git.kernel.org/stable/c/23ba28616d3063bd4c4953598ed5e439ca891101" } ], "title": "ASoC: codecs: wcd934x: handle channel mappping list correctly", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47502", "datePublished": "2024-05-24T15:01:49.699Z", "dateReserved": "2024-05-22T06:20:56.204Z", "dateUpdated": "2024-11-04T12:07:10.120Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47511
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 20:38
Severity ?
EPSS score ?
Summary
ALSA: pcm: oss: Fix negative period/buffer sizes
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47511", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:05:32.798414Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-04T20:38:49.373Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be8869d388593e57223ad39297c8e54be632f2f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/502e1146873d870f87da3b8f93d6bf2de5f38d0c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8af815ab052eaf74addbbfb556d63ce2137c0e1b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f96c0959c1ee92adc911c10d6ec209af50105049" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f12c8a7515f641885677960af450082569a87243" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/02b2b691b77cd7b951fa7b6c9d44d4e472cdc823" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/00a860678098fcd9fa8db2b5fb9d2ddf4776d4cc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9d2479c960875ca1239bcb899f386970c13d9cfe" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/core/oss/pcm_oss.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "be8869d38859", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "502e1146873d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8af815ab052e", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f96c0959c1ee", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f12c8a7515f6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "02b2b691b77c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "00a860678098", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "9d2479c96087", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/core/oss/pcm_oss.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix negative period/buffer sizes\n\nThe period size calculation in OSS layer may receive a negative value\nas an error, but the code there assumes only the positive values and\nhandle them with size_t. Due to that, a too big value may be passed\nto the lower layers.\n\nThis patch changes the code to handle with ssize_t and adds the proper\nerror checks appropriately." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:20.629Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/be8869d388593e57223ad39297c8e54be632f2f2" }, { "url": "https://git.kernel.org/stable/c/502e1146873d870f87da3b8f93d6bf2de5f38d0c" }, { "url": "https://git.kernel.org/stable/c/8af815ab052eaf74addbbfb556d63ce2137c0e1b" }, { "url": "https://git.kernel.org/stable/c/f96c0959c1ee92adc911c10d6ec209af50105049" }, { "url": "https://git.kernel.org/stable/c/f12c8a7515f641885677960af450082569a87243" }, { "url": "https://git.kernel.org/stable/c/02b2b691b77cd7b951fa7b6c9d44d4e472cdc823" }, { "url": "https://git.kernel.org/stable/c/00a860678098fcd9fa8db2b5fb9d2ddf4776d4cc" }, { "url": "https://git.kernel.org/stable/c/9d2479c960875ca1239bcb899f386970c13d9cfe" } ], "title": "ALSA: pcm: oss: Fix negative period/buffer sizes", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47511", "datePublished": "2024-05-24T15:09:26.695Z", "dateReserved": "2024-05-24T15:02:54.823Z", "dateUpdated": "2024-11-04T20:38:49.373Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47533
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
drm/vc4: kms: Clear the HVS FIFO commit pointer once done
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47533", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:17:49.041066Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:15:00.137Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2931db9a5ed219546cf2ae0546698faf78281b89" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d134c5ff71c7f2320fc7997f2fbbdedf0c76889a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vc4/vc4_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2931db9a5ed2", "status": "affected", "version": "9ec03d7f1ed3", "versionType": "git" }, { "lessThan": "d134c5ff71c7", "status": "affected", "version": "9ec03d7f1ed3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vc4/vc4_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: kms: Clear the HVS FIFO commit pointer once done\n\nCommit 9ec03d7f1ed3 (\"drm/vc4: kms: Wait on previous FIFO users before a\ncommit\") introduced a wait on the previous commit done on a given HVS\nFIFO.\n\nHowever, we never cleared that pointer once done. Since\ndrm_crtc_commit_put can free the drm_crtc_commit structure directly if\nwe were the last user, this means that it can lead to a use-after free\nif we were to duplicate the state, and that stale pointer would even be\ncopied to the new state.\n\nSet the pointer to NULL once we\u0027re done with the wait so that we don\u0027t\ncarry over a pointer to a free\u0027d structure." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:46.356Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2931db9a5ed219546cf2ae0546698faf78281b89" }, { "url": "https://git.kernel.org/stable/c/d134c5ff71c7f2320fc7997f2fbbdedf0c76889a" } ], "title": "drm/vc4: kms: Clear the HVS FIFO commit pointer once done", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47533", "datePublished": "2024-05-24T15:09:42.683Z", "dateReserved": "2024-05-24T15:02:54.826Z", "dateUpdated": "2024-11-04T12:07:46.356Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47556
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abfdd9e2f0f9699015d72317f74154d3e53664e6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0276af2176c78771da7f311621a25d7608045827" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47556", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:17.251127Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:20.673Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/ethtool/ioctl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "abfdd9e2f0f9", "status": "affected", "version": "f3ccfda19319", "versionType": "git" }, { "lessThan": "0276af2176c7", "status": "affected", "version": "f3ccfda19319", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/ethtool/ioctl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()\n\nethtool_set_coalesce() now uses both the .get_coalesce() and\n.set_coalesce() callbacks. But the check for their availability is\nbuggy, so changing the coalesce settings on a device where the driver\nprovides only _one_ of the callbacks results in a NULL pointer\ndereference instead of an -EOPNOTSUPP.\n\nFix the condition so that the availability of both callbacks is\nensured. This also matches the netlink code.\n\nNote that reproducing this requires some effort - it only affects the\nlegacy ioctl path, and needs a specific combination of driver options:\n- have .get_coalesce() and .coalesce_supported but no\n .set_coalesce(), or\n- have .set_coalesce() but no .get_coalesce(). Here eg. ethtool doesn\u0027t\n cause the crash as it first attempts to call ethtool_get_coalesce()\n and bails out on error." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:09.833Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/abfdd9e2f0f9699015d72317f74154d3e53664e6" }, { "url": "https://git.kernel.org/stable/c/0276af2176c78771da7f311621a25d7608045827" } ], "title": "ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47556", "datePublished": "2024-05-24T15:09:57.983Z", "dateReserved": "2024-05-24T15:02:54.833Z", "dateUpdated": "2024-11-04T12:08:09.833Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47571
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47571", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:15:02.697856Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:45.282Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.912Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/staging/rtl8192e/rtl8192e/rtl_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d43aecb694b1", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "918668038293", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "c0ef0e75a858", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "bca19bb2dc2d", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "2e1ec01af2c7", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "8d0163cec7de", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "e27ee2f607fe", "status": "affected", "version": "66898177e7e5", "versionType": "git" }, { "lessThan": "b535917c51ac", "status": "affected", "version": "66898177e7e5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/staging/rtl8192e/rtl8192e/rtl_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.2" }, { "lessThan": "3.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.219", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.163", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()\n\nThe free_rtllib() function frees the \"dev\" pointer so there is use\nafter free on the next line. Re-arrange things to avoid that." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:27.250Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443" }, { "url": "https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b" }, { "url": "https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82" }, { "url": "https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef" }, { "url": "https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6" }, { "url": "https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64" }, { "url": "https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594" }, { "url": "https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4" } ], "title": "staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47571", "datePublished": "2024-05-24T15:12:57.732Z", "dateReserved": "2024-05-24T15:11:00.729Z", "dateUpdated": "2024-11-04T12:08:27.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47516
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
nfp: Fix memory leak in nfp_cpp_area_cache_add()
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.775Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e93abcdcec0436fbf0b6a88ae806902426895a2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eb51f639ef3fd5498b7def290ed8681b6aadd9a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e0e072e62fdaf7816220af08e05c020f0fcb77a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/484069b5de9d223cc1c64c6f80389a99cfef51f1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f707820c09239d6f67699d9b2ff57863cc7905b0" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c56c96303e9289cc34716b1179597b6f470833de" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47516", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:30.048758Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:51.440Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3e93abcdcec0", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" }, { "lessThan": "eb51f639ef3f", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" }, { "lessThan": "2e0e072e62fd", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" }, { "lessThan": "484069b5de9d", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" }, { "lessThan": "f707820c0923", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" }, { "lessThan": "c56c96303e92", "status": "affected", "version": "4cb584e0ee7d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.11" }, { "lessThan": "4.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: Fix memory leak in nfp_cpp_area_cache_add()\n\nIn line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a\nCPP area structure. But in line 807 (#2), when the cache is allocated\nfailed, this CPP area structure is not freed, which will result in\nmemory leak.\n\nWe can fix it by freeing the CPP area when the cache is allocated\nfailed (#2).\n\n792 int nfp_cpp_area_cache_add(struct nfp_cpp *cpp, size_t size)\n793 {\n794 \tstruct nfp_cpp_area_cache *cache;\n795 \tstruct nfp_cpp_area *area;\n\n800\tarea = nfp_cpp_area_alloc(cpp, NFP_CPP_ID(7, NFP_CPP_ACTION_RW, 0),\n801 \t\t\t\t 0, size);\n\t// #1: allocates and initializes\n\n802 \tif (!area)\n803 \t\treturn -ENOMEM;\n\n805 \tcache = kzalloc(sizeof(*cache), GFP_KERNEL);\n806 \tif (!cache)\n807 \t\treturn -ENOMEM; // #2: missing free\n\n817\treturn 0;\n818 }" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:26.448Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3e93abcdcec0436fbf0b6a88ae806902426895a2" }, { "url": "https://git.kernel.org/stable/c/eb51f639ef3fd5498b7def290ed8681b6aadd9a7" }, { "url": "https://git.kernel.org/stable/c/2e0e072e62fdaf7816220af08e05c020f0fcb77a" }, { "url": "https://git.kernel.org/stable/c/484069b5de9d223cc1c64c6f80389a99cfef51f1" }, { "url": "https://git.kernel.org/stable/c/f707820c09239d6f67699d9b2ff57863cc7905b0" }, { "url": "https://git.kernel.org/stable/c/c56c96303e9289cc34716b1179597b6f470833de" } ], "title": "nfp: Fix memory leak in nfp_cpp_area_cache_add()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47516", "datePublished": "2024-05-24T15:09:30.022Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:26.448Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47526
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
serial: liteuart: Fix NULL pointer dereference in ->remove()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47526", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T20:03:43.426133Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T20:04:10.423Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.768Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/189c99c629bbf85916c02c153f904649cc0a9d7f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0f55f89d98c8b3e12b4f55f71c127a173e29557c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "189c99c629bb", "status": "affected", "version": "1da81e5562fa", "versionType": "git" }, { "lessThan": "0f55f89d98c8", "status": "affected", "version": "1da81e5562fa", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: Fix NULL pointer dereference in -\u003eremove()\n\ndrvdata has to be set in _probe() - otherwise platform_get_drvdata()\ncauses null pointer dereference BUG in _remove()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:38.184Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/189c99c629bbf85916c02c153f904649cc0a9d7f" }, { "url": "https://git.kernel.org/stable/c/0f55f89d98c8b3e12b4f55f71c127a173e29557c" } ], "title": "serial: liteuart: Fix NULL pointer dereference in -\u003eremove()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47526", "datePublished": "2024-05-24T15:09:38.024Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:38.184Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47541
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47541", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:52:32.131525Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:52:41.480Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.831Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be12572c5ddc8ad7453bada4eec8fa46967dc757" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/676dc7d9b15bf8733233a2db1ec3f9091ab34275" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e461a9816a1ac5b4aeb61621b817225b61e46a68" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f1d43efa59f1edd3e7eca0e94559b4c6b1cd4e2b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75917372eef0dbfb290ae45474314d35f97aea18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/addad7643142f500080417dd7272f49b7a185570" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx4/en_netdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "be12572c5ddc", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" }, { "lessThan": "676dc7d9b15b", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" }, { "lessThan": "e461a9816a1a", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" }, { "lessThan": "f1d43efa59f1", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" }, { "lessThan": "75917372eef0", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" }, { "lessThan": "addad7643142", "status": "affected", "version": "ec25bc04ed8e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlx4/en_netdev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.7" }, { "lessThan": "4.7", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()\n\nIn mlx4_en_try_alloc_resources(), mlx4_en_copy_priv() is called and\ntmp-\u003etx_cq will be freed on the error path of mlx4_en_copy_priv().\nAfter that mlx4_en_alloc_resources() is called and there is a dereference\nof \u0026tmp-\u003etx_cq[t][i] in mlx4_en_alloc_resources(), which could lead to\na use after free problem on failure of mlx4_en_copy_priv().\n\nFix this bug by adding a check of mlx4_en_copy_priv()\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_MLX4_EN=m show no new warnings,\nand our static analyzer no longer warns about this code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:55.727Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/be12572c5ddc8ad7453bada4eec8fa46967dc757" }, { "url": "https://git.kernel.org/stable/c/676dc7d9b15bf8733233a2db1ec3f9091ab34275" }, { "url": "https://git.kernel.org/stable/c/e461a9816a1ac5b4aeb61621b817225b61e46a68" }, { "url": "https://git.kernel.org/stable/c/f1d43efa59f1edd3e7eca0e94559b4c6b1cd4e2b" }, { "url": "https://git.kernel.org/stable/c/75917372eef0dbfb290ae45474314d35f97aea18" }, { "url": "https://git.kernel.org/stable/c/addad7643142f500080417dd7272f49b7a185570" } ], "title": "net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47541", "datePublished": "2024-05-24T15:09:47.916Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T12:07:55.727Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47547
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 18:27
Severity ?
EPSS score ?
Summary
net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47547", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:50:18.618811Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-04T18:27:32.027Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.807Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/142ead3dc70411bd5977e8c47a6d8bf22287b3f8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d3dedaa5a601107cfedda087209772c76e364d58" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2c1a6a9a011d622a7c61324a97a49801ba425eff" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77ff166909458646e66450e42909e0adacc99049" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f059fa40f0fcc6bc7a12e0f2a2504e9a4ff74f1f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/12f907cb11576b8cd0b1d95a16d1f10ed5bb7237" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61217be886b5f7402843677e4be7e7e83de9cb41" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/dec/tulip/de4x5.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ec5bd0aef1ce", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "142ead3dc704", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "d3dedaa5a601", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2c1a6a9a011d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "77ff16690945", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "f059fa40f0fc", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "12f907cb1157", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "61217be886b5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/dec/tulip/de4x5.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tulip: de4x5: fix the problem that the array \u0027lp-\u003ephy[8]\u0027 may be out of bound\n\nIn line 5001, if all id in the array \u0027lp-\u003ephy[8]\u0027 is not 0, when the\n\u0027for\u0027 end, the \u0027k\u0027 is 8.\n\nAt this time, the array \u0027lp-\u003ephy[8]\u0027 may be out of bound." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:00.395Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ec5bd0aef1cec96830d0c7e06d3597d9e786cc98" }, { "url": "https://git.kernel.org/stable/c/142ead3dc70411bd5977e8c47a6d8bf22287b3f8" }, { "url": "https://git.kernel.org/stable/c/d3dedaa5a601107cfedda087209772c76e364d58" }, { "url": "https://git.kernel.org/stable/c/2c1a6a9a011d622a7c61324a97a49801ba425eff" }, { "url": "https://git.kernel.org/stable/c/77ff166909458646e66450e42909e0adacc99049" }, { "url": "https://git.kernel.org/stable/c/f059fa40f0fcc6bc7a12e0f2a2504e9a4ff74f1f" }, { "url": "https://git.kernel.org/stable/c/12f907cb11576b8cd0b1d95a16d1f10ed5bb7237" }, { "url": "https://git.kernel.org/stable/c/61217be886b5f7402843677e4be7e7e83de9cb41" } ], "title": "net: tulip: de4x5: fix the problem that the array \u0027lp-\u003ephy[8]\u0027 may be out of bound", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47547", "datePublished": "2024-05-24T15:09:51.940Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-11-04T18:27:32.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47551
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 17:34
Severity ?
EPSS score ?
Summary
drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.16", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:5.10.84:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.10.84", "status": "unaffected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47551", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:41:59.377852Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-04T17:34:00.605Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.853Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/74aafe99efb68f15e50be9f7032c2168512f98a8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/06c6f8f86ec243b89e52f0c3dc7062bcb9de74df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2cf49e00d40d5132e3d067b5aa6d84791929ab15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "74aafe99efb6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "06c6f8f86ec2", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2cf49e00d40d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again\n\nIn SRIOV configuration, the reset may failed to bring asic back to normal but stop cpsch\nalready been called, the start_cpsch will not be called since there is no resume in this\ncase. When reset been triggered again, driver should avoid to do uninitialization again." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:05.097Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/74aafe99efb68f15e50be9f7032c2168512f98a8" }, { "url": "https://git.kernel.org/stable/c/06c6f8f86ec243b89e52f0c3dc7062bcb9de74df" }, { "url": "https://git.kernel.org/stable/c/2cf49e00d40d5132e3d067b5aa6d84791929ab15" } ], "title": "drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47551", "datePublished": "2024-05-24T15:09:54.635Z", "dateReserved": "2024-05-24T15:02:54.832Z", "dateUpdated": "2024-11-04T17:34:00.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47522
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
HID: bigbenff: prevent null pointer dereference
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47522", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:21:40.399716Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:47.355Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.612Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8e0ceff632f48175ec7fb4706129c55ca8a7c7bd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6272b17001e6fdcf7b4a16206287010a1523fa6e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/58f15f5ae7786c824868f3a7e093859b74669ce7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/918aa1ef104d286d16b9e7ef139a463ac7a296f0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/hid/hid-bigbenff.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8e0ceff632f4", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "6272b17001e6", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "58f15f5ae778", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "918aa1ef104d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/hid/hid-bigbenff.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: bigbenff: prevent null pointer dereference\n\nWhen emulating the device through uhid, there is a chance we don\u0027t have\noutput reports and so report_field is null." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:33.619Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8e0ceff632f48175ec7fb4706129c55ca8a7c7bd" }, { "url": "https://git.kernel.org/stable/c/6272b17001e6fdcf7b4a16206287010a1523fa6e" }, { "url": "https://git.kernel.org/stable/c/58f15f5ae7786c824868f3a7e093859b74669ce7" }, { "url": "https://git.kernel.org/stable/c/918aa1ef104d286d16b9e7ef139a463ac7a296f0" } ], "title": "HID: bigbenff: prevent null pointer dereference", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47522", "datePublished": "2024-05-24T15:09:35.118Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:33.619Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47565
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
scsi: mpt3sas: Fix kernel panic during drive powercycle test
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.770Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5d4d50b1f159a5ebab7617f47121b4370aa58afe" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/58ef2c7a6de13721865d84b80eecf56d6cba0937" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd035ca0e7a142870a970d46b1d19276cfe2bc8c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0d4b29eaadc1f59cec0c7e85eae77d08fcca9824" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7e324f734a914957b8cc3ff4b4c9f0409558adb5" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2bf9c5a5039c8f4b037236aed505e6a25c1d5f7b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8485649a7655e791a6e4e9f15b4d30fdae937184" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0ee4ba13e09c9d9c1cb6abb59da8295d9952328b" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47565", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:14.174817Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:20.028Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/mpt3sas/mpt3sas_scsih.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5d4d50b1f159", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "58ef2c7a6de1", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "dd035ca0e7a1", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "0d4b29eaadc1", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "7e324f734a91", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "2bf9c5a5039c", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "8485649a7655", "status": "affected", "version": "f92363d12359", "versionType": "git" }, { "lessThan": "0ee4ba13e09c", "status": "affected", "version": "f92363d12359", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/mpt3sas/mpt3sas_scsih.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.8" }, { "lessThan": "3.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.219", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.163", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix kernel panic during drive powercycle test\n\nWhile looping over shost\u0027s sdev list it is possible that one\nof the drives is getting removed and its sas_target object is\nfreed but its sdev object remains intact.\n\nConsequently, a kernel panic can occur while the driver is trying to access\nthe sas_address field of sas_target object without also checking the\nsas_target object for NULL." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:20.325Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5d4d50b1f159a5ebab7617f47121b4370aa58afe" }, { "url": "https://git.kernel.org/stable/c/58ef2c7a6de13721865d84b80eecf56d6cba0937" }, { "url": "https://git.kernel.org/stable/c/dd035ca0e7a142870a970d46b1d19276cfe2bc8c" }, { "url": "https://git.kernel.org/stable/c/0d4b29eaadc1f59cec0c7e85eae77d08fcca9824" }, { "url": "https://git.kernel.org/stable/c/7e324f734a914957b8cc3ff4b4c9f0409558adb5" }, { "url": "https://git.kernel.org/stable/c/2bf9c5a5039c8f4b037236aed505e6a25c1d5f7b" }, { "url": "https://git.kernel.org/stable/c/8485649a7655e791a6e4e9f15b4d30fdae937184" }, { "url": "https://git.kernel.org/stable/c/0ee4ba13e09c9d9c1cb6abb59da8295d9952328b" } ], "title": "scsi: mpt3sas: Fix kernel panic during drive powercycle test", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47565", "datePublished": "2024-05-24T15:12:52.786Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:20.325Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47518
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47518", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:30.333493Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:36:34.295Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.765Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/87cdb8789c38e44ae5454aafe277997c950d00ed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/69bb79a8f5bb9f436b6f1434ca9742591b7bbe18" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/811a7576747760bcaf60502f096d1e6e91d566fa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3b861a40325eac9c4c13b6c53874ad90617e944d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/48fcd08fdbe05e35b650a252ec2a2d96057a1c7a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/83ea620a1be840bf05089a5061fb8323ca42f38c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fae9705d281091254d4a81fa2da9d22346097dca" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4cd8371a234d051f9c9557fcbb1f8c523b1c0d10" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/nfc/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "87cdb8789c38", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "69bb79a8f5bb", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "811a75767477", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "3b861a40325e", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "48fcd08fdbe0", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "83ea620a1be8", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "fae9705d2810", "status": "affected", "version": "ac22ac466a65", "versionType": "git" }, { "lessThan": "4cd8371a234d", "status": "affected", "version": "ac22ac466a65", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/nfc/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.12" }, { "lessThan": "3.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done\n\nThe done() netlink callback nfc_genl_dump_ses_done() should check if\nreceived argument is non-NULL, because its allocation could fail earlier\nin dumpit() (nfc_genl_dump_ses())." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:28.757Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/87cdb8789c38e44ae5454aafe277997c950d00ed" }, { "url": "https://git.kernel.org/stable/c/69bb79a8f5bb9f436b6f1434ca9742591b7bbe18" }, { "url": "https://git.kernel.org/stable/c/811a7576747760bcaf60502f096d1e6e91d566fa" }, { "url": "https://git.kernel.org/stable/c/3b861a40325eac9c4c13b6c53874ad90617e944d" }, { "url": "https://git.kernel.org/stable/c/48fcd08fdbe05e35b650a252ec2a2d96057a1c7a" }, { "url": "https://git.kernel.org/stable/c/83ea620a1be840bf05089a5061fb8323ca42f38c" }, { "url": "https://git.kernel.org/stable/c/fae9705d281091254d4a81fa2da9d22346097dca" }, { "url": "https://git.kernel.org/stable/c/4cd8371a234d051f9c9557fcbb1f8c523b1c0d10" } ], "title": "nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47518", "datePublished": "2024-05-24T15:09:31.334Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:28.757Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47513
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47513", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:36:49.820029Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T18:37:04.647Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/973a0373e88cc19129bd6ef0ec193040535397d9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e8b1d7698038e76363859fb47ae0a262080646f5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/dsa/ocelot/felix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "973a0373e88c", "status": "affected", "version": "8d5f7954b7c8", "versionType": "git" }, { "lessThan": "e8b1d7698038", "status": "affected", "version": "8d5f7954b7c8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/dsa/ocelot/felix.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: felix: Fix memory leak in felix_setup_mmio_filtering\n\nAvoid a memory leak if there is not a CPU port defined.\n\nAddresses-Coverity-ID: 1492897 (\"Resource leak\")\nAddresses-Coverity-ID: 1492899 (\"Resource leak\")" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:22.942Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/973a0373e88cc19129bd6ef0ec193040535397d9" }, { "url": "https://git.kernel.org/stable/c/e8b1d7698038e76363859fb47ae0a262080646f5" } ], "title": "net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47513", "datePublished": "2024-05-24T15:09:28.028Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:22.942Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47515
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
seg6: fix the iif in the IPv6 socket control block
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.755Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b16d412e5f79734033df04e97d7ea2f50a8e9fe3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6431e71093f3da586a00c6d931481ffb0dc2db0e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ef8804e47c0a44ae106ead1740408af5ea6c6ee9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/666521b3852d2b2f52d570f9122b1e4b50d96831" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/98adb2bbfa407c9290bda299d4c6f7a1c4ebd5e1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ae68d93354e5bf5191ee673982251864ea24dd5c" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47515", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:33.340330Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:52.378Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/ipv6/seg6_iptunnel.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "b16d412e5f79", "status": "affected", "version": "c630ec8bdada", "versionType": "git" }, { "lessThan": "6431e71093f3", "status": "affected", "version": "2f704348c93f", "versionType": "git" }, { "lessThan": "ef8804e47c0a", "status": "affected", "version": "ef489749aae5", "versionType": "git" }, { "lessThan": "666521b3852d", "status": "affected", "version": "ef489749aae5", "versionType": "git" }, { "lessThan": "98adb2bbfa40", "status": "affected", "version": "ef489749aae5", "versionType": "git" }, { "lessThan": "ae68d93354e5", "status": "affected", "version": "ef489749aae5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/ipv6/seg6_iptunnel.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.0" }, { "lessThan": "5.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: fix the iif in the IPv6 socket control block\n\nWhen an IPv4 packet is received, the ip_rcv_core(...) sets the receiving\ninterface index into the IPv4 socket control block (v5.16-rc4,\nnet/ipv4/ip_input.c line 510):\n\n IPCB(skb)-\u003eiif = skb-\u003eskb_iif;\n\nIf that IPv4 packet is meant to be encapsulated in an outer IPv6+SRH\nheader, the seg6_do_srh_encap(...) performs the required encapsulation.\nIn this case, the seg6_do_srh_encap function clears the IPv6 socket control\nblock (v5.16-rc4 net/ipv6/seg6_iptunnel.c line 163):\n\n memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));\n\nThe memset(...) was introduced in commit ef489749aae5 (\"ipv6: sr: clear\nIP6CB(skb) on SRH ip4ip6 encapsulation\") a long time ago (2019-01-29).\n\nSince the IPv6 socket control block and the IPv4 socket control block share\nthe same memory area (skb-\u003ecb), the receiving interface index info is lost\n(IP6CB(skb)-\u003eiif is set to zero).\n\nAs a side effect, that condition triggers a NULL pointer dereference if\ncommit 0857d6f8c759 (\"ipv6: When forwarding count rx stats on the orig\nnetdev\") is applied.\n\nTo fix that issue, we set the IP6CB(skb)-\u003eiif with the index of the\nreceiving interface once again." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:25.308Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/b16d412e5f79734033df04e97d7ea2f50a8e9fe3" }, { "url": "https://git.kernel.org/stable/c/6431e71093f3da586a00c6d931481ffb0dc2db0e" }, { "url": "https://git.kernel.org/stable/c/ef8804e47c0a44ae106ead1740408af5ea6c6ee9" }, { "url": "https://git.kernel.org/stable/c/666521b3852d2b2f52d570f9122b1e4b50d96831" }, { "url": "https://git.kernel.org/stable/c/98adb2bbfa407c9290bda299d4c6f7a1c4ebd5e1" }, { "url": "https://git.kernel.org/stable/c/ae68d93354e5bf5191ee673982251864ea24dd5c" } ], "title": "seg6: fix the iif in the IPv6 socket control block", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47515", "datePublished": "2024-05-24T15:09:29.334Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:25.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47517
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
ethtool: do not perform operations on net devices being unregistered
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47517", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:18:28.551288Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:57.373Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7c26da3be1e9843a15b5318f90db8a564479d2ac" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cfd719f04267108f5f5bf802b9d7de69e99a99f9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dde91ccfa25fd58f64c397d91b81a4b393100ffa" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/ethtool/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7c26da3be1e9", "status": "affected", "version": "041b1c5d4a53", "versionType": "git" }, { "lessThan": "cfd719f04267", "status": "affected", "version": "041b1c5d4a53", "versionType": "git" }, { "lessThan": "dde91ccfa25f", "status": "affected", "version": "041b1c5d4a53", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/ethtool/netlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.87", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: do not perform operations on net devices being unregistered\n\nThere is a short period between a net device starts to be unregistered\nand when it is actually gone. In that time frame ethtool operations\ncould still be performed, which might end up in unwanted or undefined\nbehaviours[1].\n\nDo not allow ethtool operations after a net device starts its\nunregistration. This patch targets the netlink part as the ioctl one\nisn\u0027t affected: the reference to the net device is taken and the\noperation is executed within an rtnl lock section and the net device\nwon\u0027t be found after unregister.\n\n[1] For example adding Tx queues after unregister ends up in NULL\n pointer exceptions and UaFs, such as:\n\n BUG: KASAN: use-after-free in kobject_get+0x14/0x90\n Read of size 1 at addr ffff88801961248c by task ethtool/755\n\n CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014\n Call Trace:\n dump_stack_lvl+0x57/0x72\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n kobject_get+0x14/0x90\n kobject_add_internal+0x3d1/0x450\n kobject_init_and_add+0xba/0xf0\n netdev_queue_update_kobjects+0xcf/0x200\n netif_set_real_num_tx_queues+0xb4/0x310\n veth_set_channels+0x1c3/0x550\n ethnl_set_channels+0x524/0x610" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:27.596Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7c26da3be1e9843a15b5318f90db8a564479d2ac" }, { "url": "https://git.kernel.org/stable/c/cfd719f04267108f5f5bf802b9d7de69e99a99f9" }, { "url": "https://git.kernel.org/stable/c/dde91ccfa25fd58f64c397d91b81a4b393100ffa" } ], "title": "ethtool: do not perform operations on net devices being unregistered", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47517", "datePublished": "2024-05-24T15:09:30.675Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:27.596Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47560
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
mlxsw: spectrum: Protect driver from buggy firmware
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47560", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:11:25.762617Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:04.132Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.814Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/90d0736876c50ecde1a3275636a06b9ddb1cace9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/da4d70199e5d82da664a80077508d6c18f5e76df" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/63b08b1f6834bbb0b4f7783bf63b80c8c8e9a047" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "90d0736876c5", "status": "affected", "version": "28b1987ef506", "versionType": "git" }, { "lessThan": "da4d70199e5d", "status": "affected", "version": "28b1987ef506", "versionType": "git" }, { "lessThan": "63b08b1f6834", "status": "affected", "version": "28b1987ef506", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum: Protect driver from buggy firmware\n\nWhen processing port up/down events generated by the device\u0027s firmware,\nthe driver protects itself from events reported for non-existent local\nports, but not the CPU port (local port 0), which exists, but lacks a\nnetdev.\n\nThis can result in a NULL pointer dereference when calling\nnetif_carrier_{on,off}().\n\nFix this by bailing early when processing an event reported for the CPU\nport. Problem was only observed when running on top of a buggy emulator." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:14.508Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/90d0736876c50ecde1a3275636a06b9ddb1cace9" }, { "url": "https://git.kernel.org/stable/c/da4d70199e5d82da664a80077508d6c18f5e76df" }, { "url": "https://git.kernel.org/stable/c/63b08b1f6834bbb0b4f7783bf63b80c8c8e9a047" } ], "title": "mlxsw: spectrum: Protect driver from buggy firmware", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47560", "datePublished": "2024-05-24T15:12:49.369Z", "dateReserved": "2024-05-24T15:11:00.727Z", "dateUpdated": "2024-11-04T12:08:14.508Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47563
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-05 16:52
Severity ?
EPSS score ?
Summary
ice: avoid bpf_prog refcount underflow
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47563", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:50:07.805074Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-05T16:52:12.886Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.865Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e65a8707b4cd", "status": "affected", "version": "efc2214b6047", "versionType": "git" }, { "lessThan": "1f10b09ccc83", "status": "affected", "version": "efc2214b6047", "versionType": "git" }, { "lessThan": "f65ee535df77", "status": "affected", "version": "efc2214b6047", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.5" }, { "lessThan": "5.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: avoid bpf_prog refcount underflow\n\nIce driver has the routines for managing XDP resources that are shared\nbetween ndo_bpf op and VSI rebuild flow. The latter takes place for\nexample when user changes queue count on an interface via ethtool\u0027s\nset_channels().\n\nThere is an issue around the bpf_prog refcounting when VSI is being\nrebuilt - since ice_prepare_xdp_rings() is called with vsi-\u003exdp_prog as\nan argument that is used later on by ice_vsi_assign_bpf_prog(), same\nbpf_prog pointers are swapped with each other. Then it is also\ninterpreted as an \u0027old_prog\u0027 which in turn causes us to call\nbpf_prog_put on it that will decrement its refcount.\n\nBelow splat can be interpreted in a way that due to zero refcount of a\nbpf_prog it is wiped out from the system while kernel still tries to\nrefer to it:\n\n[ 481.069429] BUG: unable to handle page fault for address: ffffc9000640f038\n[ 481.077390] #PF: supervisor read access in kernel mode\n[ 481.083335] #PF: error_code(0x0000) - not-present page\n[ 481.089276] PGD 100000067 P4D 100000067 PUD 1001cb067 PMD 106d2b067 PTE 0\n[ 481.097141] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 481.101980] CPU: 12 PID: 3339 Comm: sudo Tainted: G OE 5.15.0-rc5+ #1\n[ 481.110840] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\n[ 481.122021] RIP: 0010:dev_xdp_prog_id+0x25/0x40\n[ 481.127265] Code: 80 00 00 00 00 0f 1f 44 00 00 89 f6 48 c1 e6 04 48 01 fe 48 8b 86 98 08 00 00 48 85 c0 74 13 48 8b 50 18 31 c0 48 85 d2 74 07 \u003c48\u003e 8b 42 38 8b 40 20 c3 48 8b 96 90 08 00 00 eb e8 66 2e 0f 1f 84\n[ 481.148991] RSP: 0018:ffffc90007b63868 EFLAGS: 00010286\n[ 481.155034] RAX: 0000000000000000 RBX: ffff889080824000 RCX: 0000000000000000\n[ 481.163278] RDX: ffffc9000640f000 RSI: ffff889080824010 RDI: ffff889080824000\n[ 481.171527] RBP: ffff888107af7d00 R08: 0000000000000000 R09: ffff88810db5f6e0\n[ 481.179776] R10: 0000000000000000 R11: ffff8890885b9988 R12: ffff88810db5f4bc\n[ 481.188026] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 481.196276] FS: 00007f5466d5bec0(0000) GS:ffff88903fb00000(0000) knlGS:0000000000000000\n[ 481.205633] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 481.212279] CR2: ffffc9000640f038 CR3: 000000014429c006 CR4: 00000000003706e0\n[ 481.220530] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 481.228771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 481.237029] Call Trace:\n[ 481.239856] rtnl_fill_ifinfo+0x768/0x12e0\n[ 481.244602] rtnl_dump_ifinfo+0x525/0x650\n[ 481.249246] ? __alloc_skb+0xa5/0x280\n[ 481.253484] netlink_dump+0x168/0x3c0\n[ 481.257725] netlink_recvmsg+0x21e/0x3e0\n[ 481.262263] ____sys_recvmsg+0x87/0x170\n[ 481.266707] ? __might_fault+0x20/0x30\n[ 481.271046] ? _copy_from_user+0x66/0xa0\n[ 481.275591] ? iovec_from_user+0xf6/0x1c0\n[ 481.280226] ___sys_recvmsg+0x82/0x100\n[ 481.284566] ? sock_sendmsg+0x5e/0x60\n[ 481.288791] ? __sys_sendto+0xee/0x150\n[ 481.293129] __sys_recvmsg+0x56/0xa0\n[ 481.297267] do_syscall_64+0x3b/0xc0\n[ 481.301395] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 481.307238] RIP: 0033:0x7f5466f39617\n[ 481.311373] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb bd 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2f 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\n[ 481.342944] RSP: 002b:00007ffedc7f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\n[ 481.361783] RAX: ffffffffffffffda RBX: 00007ffedc7f5460 RCX: 00007f5466f39617\n[ 481.380278] RDX: 0000000000000000 RSI: 00007ffedc7f5360 RDI: 0000000000000003\n[ 481.398500] RBP: 00007ffedc7f53f0 R08: 0000000000000000 R09: 000055d556f04d50\n[ 481.416463] R10: 0000000000000077 R11: 0000000000000246 R12: 00007ffedc7f5360\n[ 481.434131] R13: 00007ffedc7f5350 R14: 00007ffedc7f5344 R15: 0000000000000e98\n[ 481.451520] Modules linked in: ice\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:17.960Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e65a8707b4cd756d26d246bb2b9fab06eebafac1" }, { "url": "https://git.kernel.org/stable/c/1f10b09ccc832698ef4624a6ab9a213b6ccbda76" }, { "url": "https://git.kernel.org/stable/c/f65ee535df775a13a1046c0a0b2d72db342f8a5b" } ], "title": "ice: avoid bpf_prog refcount underflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47563", "datePublished": "2024-05-24T15:12:51.398Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-05T16:52:12.886Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47559
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47559", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:14:31.432418Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:40.808Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.699Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/smc/smc_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c94cbd262b6a", "status": "affected", "version": "cb9d43f67754", "versionType": "git" }, { "lessThan": "bb851d0fb025", "status": "affected", "version": "cb9d43f67754", "versionType": "git" }, { "lessThan": "587acad41f1b", "status": "affected", "version": "cb9d43f67754", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/smc/smc_core.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.18" }, { "lessThan": "4.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()\n\nCoverity reports a possible NULL dereferencing problem:\n\nin smc_vlan_by_tcpsk():\n6. returned_null: netdev_lower_get_next returns NULL (checked 29 out of 30 times).\n7. var_assigned: Assigning: ndev = NULL return value from netdev_lower_get_next.\n1623 ndev = (struct net_device *)netdev_lower_get_next(ndev, \u0026lower);\nCID 1468509 (#1 of 1): Dereference null return value (NULL_RETURNS)\n8. dereference: Dereferencing a pointer that might be NULL ndev when calling is_vlan_dev.\n1624 if (is_vlan_dev(ndev)) {\n\nRemove the manual implementation and use netdev_walk_all_lower_dev() to\niterate over the lower devices. While on it remove an obsolete function\nparameter comment." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:13.283Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c94cbd262b6aa3b54d73a1ed1f9c0d19df57f4ff" }, { "url": "https://git.kernel.org/stable/c/bb851d0fb02547d03cd40106b5f2391c4fed6ed1" }, { "url": "https://git.kernel.org/stable/c/587acad41f1bc48e16f42bb2aca63bf323380be8" } ], "title": "net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47559", "datePublished": "2024-05-24T15:12:48.675Z", "dateReserved": "2024-05-24T15:11:00.727Z", "dateUpdated": "2024-11-04T12:08:13.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47520
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
can: pch_can: pch_can_rx_normal: fix use after free
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47520", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T18:03:24.271974Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T18:03:39.525Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.800Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/can/pch_can.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "bafe343a885c", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "3a3c46e2eff0", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "affbad02bf80", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "3e193ef4e0a3", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "abb4eff3dcd2", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "703dde112021", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "6c73fc931658", "status": "affected", "version": "b21d18b51b31", "versionType": "git" }, { "lessThan": "94cddf1e9227", "status": "affected", "version": "b21d18b51b31", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/can/pch_can.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "2.6.37" }, { "lessThan": "2.6.37", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: pch_can: pch_can_rx_normal: fix use after free\n\nAfter calling netif_receive_skb(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is dereferenced\njust after the call netif_receive_skb(skb).\n\nReordering the lines solves the issue." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:31.177Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/bafe343a885c70dddf358379cf0b2a1c07355d8d" }, { "url": "https://git.kernel.org/stable/c/3a3c46e2eff0577454860a203be1a8295f4acb76" }, { "url": "https://git.kernel.org/stable/c/affbad02bf80380a7403885b9fe4a1587d1bb4f3" }, { "url": "https://git.kernel.org/stable/c/3e193ef4e0a3f5bf92ede83ef214cb09d01b00aa" }, { "url": "https://git.kernel.org/stable/c/abb4eff3dcd2e583060082a18a8dbf31f02689d4" }, { "url": "https://git.kernel.org/stable/c/703dde112021c93d6e89443c070e7dbd4dea612e" }, { "url": "https://git.kernel.org/stable/c/6c73fc931658d8cbc8a1714b326cb31eb71d16a7" }, { "url": "https://git.kernel.org/stable/c/94cddf1e9227a171b27292509d59691819c458db" } ], "title": "can: pch_can: pch_can_rx_normal: fix use after free", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47520", "datePublished": "2024-05-24T15:09:33.796Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:31.177Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47519
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
can: m_can: m_can_read_fifo: fix memory leak in error branch
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "75a422165477", "status": "affected", "version": "e39381770ec9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "31cb32a590d6", "status": "affected", "version": "e39381770ec9", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.16", "status": "unaffected", "version": "5.15.8", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.16" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.15" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47519", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-05T16:07:08.194411Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T19:59:00.023Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.702Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/75a422165477dd12d2d20aa7c9ee7c9a281c9908" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/31cb32a590d62b18f69a9a6d433f4e69c74fdd56" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/can/m_can/m_can.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "75a422165477", "status": "affected", "version": "e39381770ec9", "versionType": "git" }, { "lessThan": "31cb32a590d6", "status": "affected", "version": "e39381770ec9", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/can/m_can/m_can.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: m_can: m_can_read_fifo: fix memory leak in error branch\n\nIn m_can_read_fifo(), if the second call to m_can_fifo_read() fails,\nthe function jump to the out_fail label and returns without calling\nm_can_receive_skb(). This means that the skb previously allocated by\nalloc_can_skb() is not freed. In other terms, this is a memory leak.\n\nThis patch adds a goto label to destroy the skb if an error occurs.\n\nIssue was found with GCC -fanalyzer, please follow the link below for\ndetails." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:29.920Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/75a422165477dd12d2d20aa7c9ee7c9a281c9908" }, { "url": "https://git.kernel.org/stable/c/31cb32a590d62b18f69a9a6d433f4e69c74fdd56" } ], "title": "can: m_can: m_can_read_fifo: fix memory leak in error branch", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47519", "datePublished": "2024-05-24T15:09:33.118Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:29.920Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47507
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
nfsd: Fix nsfd startup race (again)
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.833Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47507", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:42.793649Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:52.727Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "f5734b1714ca", "status": "affected", "version": "8677e99150b0", "versionType": "git" }, { "lessThan": "c520943a00ad", "status": "affected", "version": "7c7cb07d4aff", "versionType": "git" }, { "lessThan": "8bf902fee589", "status": "affected", "version": "bd5ae9288d64", "versionType": "git" }, { "lessThan": "b10252c7ae9c", "status": "affected", "version": "bd5ae9288d64", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/nfsd/nfs4recover.c", "fs/nfsd/nfsctl.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix nsfd startup race (again)\n\nCommit bd5ae9288d64 (\"nfsd: register pernet ops last, unregister first\")\nhas re-opened rpc_pipefs_event() race against nfsd_net_id registration\n(register_pernet_subsys()) which has been fixed by commit bb7ffbf29e76\n(\"nfsd: fix nsfd startup race triggering BUG_ON\").\n\nRestore the order of register_pernet_subsys() vs register_cld_notifier().\nAdd WARN_ON() to prevent a future regression.\n\nCrash info:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000012\nCPU: 8 PID: 345 Comm: mount Not tainted 5.4.144-... #1\npc : rpc_pipefs_event+0x54/0x120 [nfsd]\nlr : rpc_pipefs_event+0x48/0x120 [nfsd]\nCall trace:\n rpc_pipefs_event+0x54/0x120 [nfsd]\n blocking_notifier_call_chain\n rpc_fill_super\n get_tree_keyed\n rpc_fs_get_tree\n vfs_get_tree\n do_mount\n ksys_mount\n __arm64_sys_mount\n el0_svc_handler\n el0_svc" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:15.974Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/f5734b1714ca355703e9ea8fb61d04beff1790b9" }, { "url": "https://git.kernel.org/stable/c/c520943a00ad5015704969ad3304c956bcd49d25" }, { "url": "https://git.kernel.org/stable/c/8bf902fee5893cfc2f04a698abab47629699ae9a" }, { "url": "https://git.kernel.org/stable/c/b10252c7ae9c9d7c90552f88b544a44ee773af64" } ], "title": "nfsd: Fix nsfd startup race (again)", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47507", "datePublished": "2024-05-24T15:01:53.401Z", "dateReserved": "2024-05-22T06:20:56.206Z", "dateUpdated": "2024-11-04T12:07:15.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47534
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-07 16:13
Severity ?
EPSS score ?
Summary
drm/vc4: kms: Add missing drm_crtc_commit_put
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47534", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:50:30.871991Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T16:13:57.750Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.777Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/53f9601e908d42481addd67cdb01a9288c611124" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/049cfff8d53a30cae3349ff71a4c01b7d9981bc2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vc4/vc4_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "53f9601e908d", "status": "affected", "version": "9ec03d7f1ed3", "versionType": "git" }, { "lessThan": "049cfff8d53a", "status": "affected", "version": "9ec03d7f1ed3", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/vc4/vc4_kms.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: kms: Add missing drm_crtc_commit_put\n\nCommit 9ec03d7f1ed3 (\"drm/vc4: kms: Wait on previous FIFO users before a\ncommit\") introduced a global state for the HVS, with each FIFO storing\nthe current CRTC commit so that we can properly synchronize commits.\n\nHowever, the refcounting was off and we thus ended up leaking the\ndrm_crtc_commit structure every commit. Add a drm_crtc_commit_put to\nprevent the leakage." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:47.487Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/53f9601e908d42481addd67cdb01a9288c611124" }, { "url": "https://git.kernel.org/stable/c/049cfff8d53a30cae3349ff71a4c01b7d9981bc2" } ], "title": "drm/vc4: kms: Add missing drm_crtc_commit_put", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47534", "datePublished": "2024-05-24T15:09:43.344Z", "dateReserved": "2024-05-24T15:02:54.826Z", "dateUpdated": "2024-11-07T16:13:57.750Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47566
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
proc/vmcore: fix clearing user buffer by properly using clear_user()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47566", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T19:44:25.541373Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T19:44:36.617Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.769Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a9e164bd160be8cbee1df70acb379129e3cd2e7c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33a7d698f30fa0b99d50569e9909d3baa65d8f6a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/99d348b82bcb36171f24411d3f1a15706a2a937a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9ef384ed300d1bcfb23d0ab0b487d544444d4b52" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fd7974c547abfb03072a4ee706d3a6f182266f89" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a8a917058faf4abaec9fb614bb6d5f8fe3529ec6" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7b3a34f08d11e7f05cd00b8e09adaa15192f0ad1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c1e63117711977cc4295b2ce73de29dd17066c82" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/proc/vmcore.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a9e164bd160b", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "33a7d698f30f", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "99d348b82bcb", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "9ef384ed300d", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "fd7974c547ab", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "a8a917058faf", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "7b3a34f08d11", "status": "affected", "version": "997c136f518c", "versionType": "git" }, { "lessThan": "c1e631177119", "status": "affected", "version": "997c136f518c", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/proc/vmcore.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.0" }, { "lessThan": "3.0", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.294", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.292", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.257", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.219", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.163", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc/vmcore: fix clearing user buffer by properly using clear_user()\n\nTo clear a user buffer we cannot simply use memset, we have to use\nclear_user(). With a virtio-mem device that registers a vmcore_cb and\nhas some logically unplugged memory inside an added Linux memory block,\nI can easily trigger a BUG by copying the vmcore via \"cp\":\n\n systemd[1]: Starting Kdump Vmcore Save Service...\n kdump[420]: Kdump is using the default log level(3).\n kdump[453]: saving to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[458]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[465]: saving vmcore-dmesg.txt complete\n kdump[467]: saving vmcore\n BUG: unable to handle page fault for address: 00007f2374e01000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0003) - permissions violation\n PGD 7a523067 P4D 7a523067 PUD 7a528067 PMD 7a525067 PTE 800000007048f867\n Oops: 0003 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 468 Comm: cp Not tainted 5.15.0+ #6\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.14.0-27-g64f37cc530f1-prebuilt.qemu.org 04/01/2014\n RIP: 0010:read_from_oldmem.part.0.cold+0x1d/0x86\n Code: ff ff ff e8 05 ff fe ff e9 b9 e9 7f ff 48 89 de 48 c7 c7 38 3b 60 82 e8 f1 fe fe ff 83 fd 08 72 3c 49 8d 7d 08 4c 89 e9 89 e8 \u003c49\u003e c7 45 00 00 00 00 00 49 c7 44 05 f8 00 00 00 00 48 83 e7 f81\n RSP: 0018:ffffc9000073be08 EFLAGS: 00010212\n RAX: 0000000000001000 RBX: 00000000002fd000 RCX: 00007f2374e01000\n RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00007f2374e01008\n RBP: 0000000000001000 R08: 0000000000000000 R09: ffffc9000073bc50\n R10: ffffc9000073bc48 R11: ffffffff829461a8 R12: 000000000000f000\n R13: 00007f2374e01000 R14: 0000000000000000 R15: ffff88807bd421e8\n FS: 00007f2374e12140(0000) GS:ffff88807f000000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2374e01000 CR3: 000000007a4aa000 CR4: 0000000000350eb0\n Call Trace:\n read_vmcore+0x236/0x2c0\n proc_reg_read+0x55/0xa0\n vfs_read+0x95/0x190\n ksys_read+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nSome x86-64 CPUs have a CPU feature called \"Supervisor Mode Access\nPrevention (SMAP)\", which is used to detect wrong access from the kernel\nto user buffers like this: SMAP triggers a permissions violation on\nwrong access. In the x86-64 variant of clear_user(), SMAP is properly\nhandled via clac()+stac().\n\nTo fix, properly use clear_user() when we\u0027re dealing with a user buffer." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:21.518Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a9e164bd160be8cbee1df70acb379129e3cd2e7c" }, { "url": "https://git.kernel.org/stable/c/33a7d698f30fa0b99d50569e9909d3baa65d8f6a" }, { "url": "https://git.kernel.org/stable/c/99d348b82bcb36171f24411d3f1a15706a2a937a" }, { "url": "https://git.kernel.org/stable/c/9ef384ed300d1bcfb23d0ab0b487d544444d4b52" }, { "url": "https://git.kernel.org/stable/c/fd7974c547abfb03072a4ee706d3a6f182266f89" }, { "url": "https://git.kernel.org/stable/c/a8a917058faf4abaec9fb614bb6d5f8fe3529ec6" }, { "url": "https://git.kernel.org/stable/c/7b3a34f08d11e7f05cd00b8e09adaa15192f0ad1" }, { "url": "https://git.kernel.org/stable/c/c1e63117711977cc4295b2ce73de29dd17066c82" } ], "title": "proc/vmcore: fix clearing user buffer by properly using clear_user()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47566", "datePublished": "2024-05-24T15:12:53.432Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:21.518Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47530
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
drm/msm: Fix wait_fence submitqueue leak
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47530", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:34:37.808286Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:35:01.471Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.617Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4c3cdbf2540319ea674f1f3c54f31f14c6f39647" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ea0006d390a28012f8187717aea61498b2b341e5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4c3cdbf25403", "status": "affected", "version": "a61acbbe9cf8", "versionType": "git" }, { "lessThan": "ea0006d390a2", "status": "affected", "version": "a61acbbe9cf8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/msm_drv.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix wait_fence submitqueue leak\n\nWe weren\u0027t dropping the submitqueue reference in all paths. In\nparticular, when the fence has already been signalled. Split out\na helper to simplify handling this in the various different return\npaths." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:42.792Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4c3cdbf2540319ea674f1f3c54f31f14c6f39647" }, { "url": "https://git.kernel.org/stable/c/ea0006d390a28012f8187717aea61498b2b341e5" } ], "title": "drm/msm: Fix wait_fence submitqueue leak", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47530", "datePublished": "2024-05-24T15:09:40.707Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:42.792Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47569
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
io_uring: fail cancellation for EXITING tasks
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.633Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3d2a1e68fd9904fdc1b02f2e7d40ca47df7ba39f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/617a89484debcd4e7999796d693cf0b77d2519de" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47569", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:11.017717Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:50.979Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/io_uring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "3d2a1e68fd99", "status": "affected", "version": "89b263f6d56e", "versionType": "git" }, { "lessThan": "617a89484deb", "status": "affected", "version": "89b263f6d56e", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/io_uring.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fail cancellation for EXITING tasks\n\nWARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269\nCPU: 1 PID: 20 Comm: kworker/1:0 Not tainted 5.16.0-rc1-syzkaller #0\nWorkqueue: events io_fallback_req_func\nRIP: 0010:io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269\nCall Trace:\n \u003cTASK\u003e\n io_req_task_link_timeout+0x6b/0x1e0 fs/io_uring.c:6886\n io_fallback_req_func+0xf9/0x1ae fs/io_uring.c:1334\n process_one_work+0x9b2/0x1690 kernel/workqueue.c:2298\n worker_thread+0x658/0x11f0 kernel/workqueue.c:2445\n kthread+0x405/0x4f0 kernel/kthread.c:327\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n\nWe need original task\u0027s context to do cancellations, so if it\u0027s dying\nand the callback is executed in a fallback mode, fail the cancellation\nattempt." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:24.958Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/3d2a1e68fd9904fdc1b02f2e7d40ca47df7ba39f" }, { "url": "https://git.kernel.org/stable/c/617a89484debcd4e7999796d693cf0b77d2519de" } ], "title": "io_uring: fail cancellation for EXITING tasks", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47569", "datePublished": "2024-05-24T15:12:55.394Z", "dateReserved": "2024-05-24T15:11:00.729Z", "dateUpdated": "2024-11-04T12:08:24.958Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47538
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47538", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:15:07.366329Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:56.132Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.621Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/913c24af2d13a3fd304462916ee98e298d56bdce" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3e70e3a72d80b16094faccbe438cd53761c3503a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60f0b9c42cb80833a03ca57c1c8b078d716e71d1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9469273e616ca8f1b6e3773c5019f21b4c8d828c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/beacff50edbd6c9659a6f15fc7f6126909fade29" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/rxrpc/peer_object.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "913c24af2d13", "status": "affected", "version": "e8e51ce79c15", "versionType": "git" }, { "lessThan": "3e70e3a72d80", "status": "affected", "version": "9ebeddef58c4", "versionType": "git" }, { "lessThan": "60f0b9c42cb8", "status": "affected", "version": "9ebeddef58c4", "versionType": "git" }, { "lessThan": "9469273e616c", "status": "affected", "version": "9ebeddef58c4", "versionType": "git" }, { "lessThan": "beacff50edbd", "status": "affected", "version": "9ebeddef58c4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/rxrpc/peer_object.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.4" }, { "lessThan": "5.4", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.220", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.164", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()\n\nNeed to call rxrpc_put_local() for peer candidate before kfree() as it\nholds a ref to rxrpc_local.\n\n[DH: v2: Changed to abstract the peer freeing code out into a function]" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:52.125Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/913c24af2d13a3fd304462916ee98e298d56bdce" }, { "url": "https://git.kernel.org/stable/c/3e70e3a72d80b16094faccbe438cd53761c3503a" }, { "url": "https://git.kernel.org/stable/c/60f0b9c42cb80833a03ca57c1c8b078d716e71d1" }, { "url": "https://git.kernel.org/stable/c/9469273e616ca8f1b6e3773c5019f21b4c8d828c" }, { "url": "https://git.kernel.org/stable/c/beacff50edbd6c9659a6f15fc7f6126909fade29" } ], "title": "rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47538", "datePublished": "2024-05-24T15:09:45.959Z", "dateReserved": "2024-05-24T15:02:54.828Z", "dateUpdated": "2024-11-04T12:07:52.125Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47558
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
net: stmmac: Disable Tx queues when reconfiguring the interface
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47558", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:51:23.012354Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:51:31.116Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.721Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a92f0eebb8dc008b9e8c51c6f7b8c93b27a29a43" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b270bfe697367776eca2e6759a71d700fb8d82a2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/stmicro/stmmac/stmmac_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "a92f0eebb8dc", "status": "affected", "version": "0366f7e06a6b", "versionType": "git" }, { "lessThan": "b270bfe69736", "status": "affected", "version": "0366f7e06a6b", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/stmicro/stmmac/stmmac_main.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Disable Tx queues when reconfiguring the interface\n\nThe Tx queues were not disabled in situations where the driver needed to\nstop the interface to apply a new configuration. This could result in a\nkernel panic when doing any of the 3 following actions:\n* reconfiguring the number of queues (ethtool -L)\n* reconfiguring the size of the ring buffers (ethtool -G)\n* installing/removing an XDP program (ip l set dev ethX xdp)\n\nPrevent the panic by making sure netif_tx_disable is called when stopping\nan interface.\n\nWithout this patch, the following kernel panic can be observed when doing\nany of the actions above:\n\nUnable to handle kernel paging request at virtual address ffff80001238d040\n[....]\n Call trace:\n dwmac4_set_addr+0x8/0x10\n dev_hard_start_xmit+0xe4/0x1ac\n sch_direct_xmit+0xe8/0x39c\n __dev_queue_xmit+0x3ec/0xaf0\n dev_queue_xmit+0x14/0x20\n[...]\n[ end trace 0000000000000002 ]---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:12.142Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/a92f0eebb8dc008b9e8c51c6f7b8c93b27a29a43" }, { "url": "https://git.kernel.org/stable/c/b270bfe697367776eca2e6759a71d700fb8d82a2" } ], "title": "net: stmmac: Disable Tx queues when reconfiguring the interface", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47558", "datePublished": "2024-05-24T15:09:59.315Z", "dateReserved": "2024-05-24T15:02:54.834Z", "dateUpdated": "2024-11-04T12:08:12.142Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47524
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
serial: liteuart: fix minor-number leak on probe errors
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.754Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/888fc81107cacd2a4f681bac7bb785cef868214f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dd5e90b16cca8a697cbe17b72e2a5f49291cabb2" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47524", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:26.786876Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:51.218Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "888fc81107ca", "status": "affected", "version": "1da81e5562fa", "versionType": "git" }, { "lessThan": "dd5e90b16cca", "status": "affected", "version": "1da81e5562fa", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/serial/liteuart.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.11" }, { "lessThan": "5.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: liteuart: fix minor-number leak on probe errors\n\nMake sure to release the allocated minor number before returning on\nprobe errors." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:35.875Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/888fc81107cacd2a4f681bac7bb785cef868214f" }, { "url": "https://git.kernel.org/stable/c/dd5e90b16cca8a697cbe17b72e2a5f49291cabb2" } ], "title": "serial: liteuart: fix minor-number leak on probe errors", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47524", "datePublished": "2024-05-24T15:09:36.706Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:35.875Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47561
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
i2c: virtio: disable timeout handling
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47561", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:51:06.665618Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:51:14.257Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.771Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cc432b0727ce404cc13e8f6b5ce29f412c3f9f1f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/84e1d0bf1d7121759622dabf8fbef4c99ad597c5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/i2c/busses/i2c-virtio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cc432b0727ce", "status": "affected", "version": "3cfc88380413", "versionType": "git" }, { "lessThan": "84e1d0bf1d71", "status": "affected", "version": "3cfc88380413", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/i2c/busses/i2c-virtio.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: virtio: disable timeout handling\n\nIf a timeout is hit, it can result is incorrect data on the I2C bus\nand/or memory corruptions in the guest since the device can still be\noperating on the buffers it was given while the guest has freed them.\n\nHere is, for example, the start of a slub_debug splat which was\ntriggered on the next transfer after one transfer was forced to timeout\nby setting a breakpoint in the backend (rust-vmm/vhost-device):\n\n BUG kmalloc-1k (Not tainted): Poison overwritten\n First byte 0x1 instead of 0x6b\n Allocated in virtio_i2c_xfer+0x65/0x35c age=350 cpu=0 pid=29\n \t__kmalloc+0xc2/0x1c9\n \tvirtio_i2c_xfer+0x65/0x35c\n \t__i2c_transfer+0x429/0x57d\n \ti2c_transfer+0x115/0x134\n \ti2cdev_ioctl_rdwr+0x16a/0x1de\n \ti2cdev_ioctl+0x247/0x2ed\n \tvfs_ioctl+0x21/0x30\n \tsys_ioctl+0xb18/0xb41\n Freed in virtio_i2c_xfer+0x32e/0x35c age=244 cpu=0 pid=29\n \tkfree+0x1bd/0x1cc\n \tvirtio_i2c_xfer+0x32e/0x35c\n \t__i2c_transfer+0x429/0x57d\n \ti2c_transfer+0x115/0x134\n \ti2cdev_ioctl_rdwr+0x16a/0x1de\n \ti2cdev_ioctl+0x247/0x2ed\n \tvfs_ioctl+0x21/0x30\n \tsys_ioctl+0xb18/0xb41\n\nThere is no simple fix for this (the driver would have to always create\nbounce buffers and hold on to them until the device eventually returns\nthe buffers), so just disable the timeout support for now." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:15.645Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cc432b0727ce404cc13e8f6b5ce29f412c3f9f1f" }, { "url": "https://git.kernel.org/stable/c/84e1d0bf1d7121759622dabf8fbef4c99ad597c5" } ], "title": "i2c: virtio: disable timeout handling", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47561", "datePublished": "2024-05-24T15:12:50.061Z", "dateReserved": "2024-05-24T15:11:00.727Z", "dateUpdated": "2024-11-04T12:08:15.645Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47568
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
ksmbd: fix memleak in get_file_stream_info()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47568", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-20T19:25:13.311391Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-20T19:25:21.892Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.820Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/11e659827c3a2facb3a04e08cc97ff14d5091f51" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/178ca6f85aa3231094467691f5ea1ff2f398aa8d" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/ksmbd/smb2pdu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "11e659827c3a", "status": "affected", "version": "34061d6b76a4", "versionType": "git" }, { "lessThan": "178ca6f85aa3", "status": "affected", "version": "34061d6b76a4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/ksmbd/smb2pdu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix memleak in get_file_stream_info()\n\nFix memleak in get_file_stream_info()" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:23.789Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/11e659827c3a2facb3a04e08cc97ff14d5091f51" }, { "url": "https://git.kernel.org/stable/c/178ca6f85aa3231094467691f5ea1ff2f398aa8d" } ], "title": "ksmbd: fix memleak in get_file_stream_info()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47568", "datePublished": "2024-05-24T15:12:54.742Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:23.789Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47509
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-07 17:32
Severity ?
EPSS score ?
Summary
ALSA: pcm: oss: Limit the period size to 16MB
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47509", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:05:25.970699Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T17:32:21.679Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.773Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d1bb703ad050de9095f10b2d3416c32921ac6bcc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b02a41eebcc36d4f07196780f2e165ca2c499257" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be55f306396cd62c6889286a7194fd8b53363aeb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2e54cf6794bf82a54aaefc78da13819aea9cd28a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/76f19e4cbb548e28547f8c328aa0bfb3a10222d3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ad45babf7886e7a212ee1d5eda9ef49f696db43c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/35a3e511032146941085f87dd9fb5b82ea5c00a2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8839c8c0f77ab8fc0463f4ab8b37fca3f70677c2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "sound/core/oss/pcm_oss.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d1bb703ad050", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "b02a41eebcc3", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "be55f306396c", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2e54cf6794bf", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "76f19e4cbb54", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ad45babf7886", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "35a3e5110321", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "8839c8c0f77a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "sound/core/oss/pcm_oss.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Limit the period size to 16MB\n\nSet the practical limit to the period size (the fragment shift in OSS)\ninstead of a full 31bit; a too large value could lead to the exhaust\nof memory as we allocate temporary buffers of the period size, too.\n\nAs of this patch, we set to 16MB limit, which should cover all use\ncases." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:18.283Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d1bb703ad050de9095f10b2d3416c32921ac6bcc" }, { "url": "https://git.kernel.org/stable/c/b02a41eebcc36d4f07196780f2e165ca2c499257" }, { "url": "https://git.kernel.org/stable/c/be55f306396cd62c6889286a7194fd8b53363aeb" }, { "url": "https://git.kernel.org/stable/c/2e54cf6794bf82a54aaefc78da13819aea9cd28a" }, { "url": "https://git.kernel.org/stable/c/76f19e4cbb548e28547f8c328aa0bfb3a10222d3" }, { "url": "https://git.kernel.org/stable/c/ad45babf7886e7a212ee1d5eda9ef49f696db43c" }, { "url": "https://git.kernel.org/stable/c/35a3e511032146941085f87dd9fb5b82ea5c00a2" }, { "url": "https://git.kernel.org/stable/c/8839c8c0f77ab8fc0463f4ab8b37fca3f70677c2" } ], "title": "ALSA: pcm: oss: Limit the period size to 16MB", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47509", "datePublished": "2024-05-24T15:09:25.349Z", "dateReserved": "2024-05-24T15:02:54.823Z", "dateUpdated": "2024-11-07T17:32:21.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-52880
Vulnerability from cvelistv5
Published
2024-05-24 15:33
Modified
2024-11-04 14:54
Severity ?
EPSS score ?
Summary
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52880", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:10:27.057428Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:23:31.686Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T23:18:41.167Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7d303dee473ba3529d75b63491e9963342107bed" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7a529c9023a197ab3bf09bb95df32a3813f7ba58" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ada28eb4b9561aab93942f3224a2e41d76fe57fa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2d154a54c58f9c8375bfbea9f7e51ba3bfb2e43a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2b85977977cbd120591b23c2450e90a5806a7167" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/67c37756898a5a6b2941a13ae7260c89b54e0d88" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/tty/n_gsm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7d303dee473b", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "7a529c9023a1", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "ada28eb4b956", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2d154a54c58f", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2b85977977cb", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "67c37756898a", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/tty/n_gsm.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.312", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.274", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.215", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.155", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.86", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.6", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that." } ], "providerMetadata": { "dateUpdated": "2024-11-04T14:54:28.359Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7d303dee473ba3529d75b63491e9963342107bed" }, { "url": "https://git.kernel.org/stable/c/7a529c9023a197ab3bf09bb95df32a3813f7ba58" }, { "url": "https://git.kernel.org/stable/c/ada28eb4b9561aab93942f3224a2e41d76fe57fa" }, { "url": "https://git.kernel.org/stable/c/2d154a54c58f9c8375bfbea9f7e51ba3bfb2e43a" }, { "url": "https://git.kernel.org/stable/c/2b85977977cbd120591b23c2450e90a5806a7167" }, { "url": "https://git.kernel.org/stable/c/67c37756898a5a6b2941a13ae7260c89b54e0d88" } ], "title": "tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52880", "datePublished": "2024-05-24T15:33:17.439Z", "dateReserved": "2024-05-21T15:35:00.781Z", "dateUpdated": "2024-11-04T14:54:28.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47500
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
iio: mma8452: Fix trigger reference couting
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.752Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47500", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:45.977945Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:32:52.849Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/iio/accel/mma8452.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "094d513b78b1", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "fb75cc4740d8", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "794c0898f6bf", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "f5deab10ced3", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "acf0088ac073", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "db12d9508536", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "c43517071dfc", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" }, { "lessThan": "cd0082235783", "status": "affected", "version": "ae6d9ce05691", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/iio/accel/mma8452.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.2" }, { "lessThan": "4.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:07.793Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba" }, { "url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96" }, { "url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb" }, { "url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8" }, { "url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e" }, { "url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1" }, { "url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739" }, { "url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892" } ], "title": "iio: mma8452: Fix trigger reference couting", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47500", "datePublished": "2024-05-24T15:01:43.362Z", "dateReserved": "2024-05-22T06:20:56.204Z", "dateUpdated": "2024-11-04T12:07:07.793Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47535
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
drm/msm/a6xx: Allocate enough space for GMU registers
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47535", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:34:34.685290Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:34:55.686Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.827Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d646856a600e8635ba498f20b194219b158626e8" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/83e54fcf0b14ca2d869dd37abe1bb6542805f538" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/b4d25abf9720b69a03465b09d0d62d1998ed6708" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a6xx_gpu_state.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d646856a600e", "status": "affected", "version": "142639a52a01", "versionType": "git" }, { "lessThan": "83e54fcf0b14", "status": "affected", "version": "142639a52a01", "versionType": "git" }, { "lessThan": "b4d25abf9720", "status": "affected", "version": "142639a52a01", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/gpu/drm/msm/adreno/a6xx_gpu_state.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.9" }, { "lessThan": "5.9", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Allocate enough space for GMU registers\n\nIn commit 142639a52a01 (\"drm/msm/a6xx: fix crashstate capture for\nA650\") we changed a6xx_get_gmu_registers() to read 3 sets of\nregisters. Unfortunately, we didn\u0027t change the memory allocation for\nthe array. That leads to a KASAN warning (this was on the chromeos-5.4\nkernel, which has the problematic commit backported to it):\n\n BUG: KASAN: slab-out-of-bounds in _a6xx_get_gmu_registers+0x144/0x430\n Write of size 8 at addr ffffff80c89432b0 by task A618-worker/209\n CPU: 5 PID: 209 Comm: A618-worker Tainted: G W 5.4.156-lockdep #22\n Hardware name: Google Lazor Limozeen without Touchscreen (rev5 - rev8) (DT)\n Call trace:\n dump_backtrace+0x0/0x248\n show_stack+0x20/0x2c\n dump_stack+0x128/0x1ec\n print_address_description+0x88/0x4a0\n __kasan_report+0xfc/0x120\n kasan_report+0x10/0x18\n __asan_report_store8_noabort+0x1c/0x24\n _a6xx_get_gmu_registers+0x144/0x430\n a6xx_gpu_state_get+0x330/0x25d4\n msm_gpu_crashstate_capture+0xa0/0x84c\n recover_worker+0x328/0x838\n kthread_worker_fn+0x32c/0x574\n kthread+0x2dc/0x39c\n ret_from_fork+0x10/0x18\n\n Allocated by task 209:\n __kasan_kmalloc+0xfc/0x1c4\n kasan_kmalloc+0xc/0x14\n kmem_cache_alloc_trace+0x1f0/0x2a0\n a6xx_gpu_state_get+0x164/0x25d4\n msm_gpu_crashstate_capture+0xa0/0x84c\n recover_worker+0x328/0x838\n kthread_worker_fn+0x32c/0x574\n kthread+0x2dc/0x39c\n ret_from_fork+0x10/0x18" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:48.679Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d646856a600e8635ba498f20b194219b158626e8" }, { "url": "https://git.kernel.org/stable/c/83e54fcf0b14ca2d869dd37abe1bb6542805f538" }, { "url": "https://git.kernel.org/stable/c/b4d25abf9720b69a03465b09d0d62d1998ed6708" } ], "title": "drm/msm/a6xx: Allocate enough space for GMU registers", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47535", "datePublished": "2024-05-24T15:09:43.994Z", "dateReserved": "2024-05-24T15:02:54.826Z", "dateUpdated": "2024-11-04T12:07:48.679Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47514
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
devlink: fix netns refcount leak in devlink_nl_cmd_reload()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47514", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:18:46.534167Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:53.095Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.599Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4b7e90672af8e0c78205db006f1b0a20ebd07f5f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/fe30b70ca84da9c4aca85c03ad86e7a9b89c5ded" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4dbb0dad8e63fcd0b5a117c2861d2abe7ff5f186" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/core/devlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "4b7e90672af8", "status": "affected", "version": "ccdf07219da6", "versionType": "git" }, { "lessThan": "fe30b70ca84d", "status": "affected", "version": "ccdf07219da6", "versionType": "git" }, { "lessThan": "4dbb0dad8e63", "status": "affected", "version": "ccdf07219da6", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/core/devlink.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix netns refcount leak in devlink_nl_cmd_reload()\n\nWhile preparing my patch series adding netns refcount tracking,\nI spotted bugs in devlink_nl_cmd_reload()\n\nSome error paths forgot to release a refcount on a netns.\n\nTo fix this, we can reduce the scope of get_net()/put_net()\nsection around the call to devlink_reload()." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:24.143Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/4b7e90672af8e0c78205db006f1b0a20ebd07f5f" }, { "url": "https://git.kernel.org/stable/c/fe30b70ca84da9c4aca85c03ad86e7a9b89c5ded" }, { "url": "https://git.kernel.org/stable/c/4dbb0dad8e63fcd0b5a117c2861d2abe7ff5f186" } ], "title": "devlink: fix netns refcount leak in devlink_nl_cmd_reload()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47514", "datePublished": "2024-05-24T15:09:28.686Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:24.143Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47540
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.621Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/932b338f4e5c4cb0c2ed640da3bced1e63620198" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/14b03b8cebdf18ff13c39d58501b625411314de2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e53d6d26920d5221d3f4d4f5ffdd629ea69aa5c" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47540", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:20.346625Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:20.936Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/wireless/mediatek/mt76/mt7915/mcu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "932b338f4e5c", "status": "affected", "version": "37f4ca907c46", "versionType": "git" }, { "lessThan": "14b03b8cebdf", "status": "affected", "version": "37f4ca907c46", "versionType": "git" }, { "lessThan": "6e53d6d26920", "status": "affected", "version": "37f4ca907c46", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/wireless/mediatek/mt76/mt7915/mcu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.8" }, { "lessThan": "5.8", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.84", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode\n\nFix the following NULL pointer dereference in mt7915_get_phy_mode\nroutine adding an ibss interface to the mt7915 driver.\n\n[ 101.137097] wlan0: Trigger new scan to find an IBSS to join\n[ 102.827039] wlan0: Creating new IBSS network, BSSID 26:a4:50:1a:6e:69\n[ 103.064756] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 103.073670] Mem abort info:\n[ 103.076520] ESR = 0x96000005\n[ 103.079614] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 103.084934] SET = 0, FnV = 0\n[ 103.088042] EA = 0, S1PTW = 0\n[ 103.091215] Data abort info:\n[ 103.094104] ISV = 0, ISS = 0x00000005\n[ 103.098041] CM = 0, WnR = 0\n[ 103.101044] user pgtable: 4k pages, 39-bit VAs, pgdp=00000000460b1000\n[ 103.107565] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 103.116590] Internal error: Oops: 96000005 [#1] SMP\n[ 103.189066] CPU: 1 PID: 333 Comm: kworker/u4:3 Not tainted 5.10.75 #0\n[ 103.195498] Hardware name: MediaTek MT7622 RFB1 board (DT)\n[ 103.201124] Workqueue: phy0 ieee80211_iface_work [mac80211]\n[ 103.206695] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--)\n[ 103.212705] pc : mt7915_get_phy_mode+0x68/0x120 [mt7915e]\n[ 103.218103] lr : mt7915_mcu_add_bss_info+0x11c/0x760 [mt7915e]\n[ 103.223927] sp : ffffffc011cdb9e0\n[ 103.227235] x29: ffffffc011cdb9e0 x28: ffffff8006563098\n[ 103.232545] x27: ffffff8005f4da22 x26: ffffff800685ac40\n[ 103.237855] x25: 0000000000000001 x24: 000000000000011f\n[ 103.243165] x23: ffffff8005f4e260 x22: ffffff8006567918\n[ 103.248475] x21: ffffff8005f4df80 x20: ffffff800685ac58\n[ 103.253785] x19: ffffff8006744400 x18: 0000000000000000\n[ 103.259094] x17: 0000000000000000 x16: 0000000000000001\n[ 103.264403] x15: 000899c3a2d9d2e4 x14: 000899bdc3c3a1c8\n[ 103.269713] x13: 0000000000000000 x12: 0000000000000000\n[ 103.275024] x11: ffffffc010e30c20 x10: 0000000000000000\n[ 103.280333] x9 : 0000000000000050 x8 : ffffff8006567d88\n[ 103.285642] x7 : ffffff8006563b5c x6 : ffffff8006563b44\n[ 103.290952] x5 : 0000000000000002 x4 : 0000000000000001\n[ 103.296262] x3 : 0000000000000001 x2 : 0000000000000001\n[ 103.301572] x1 : 0000000000000000 x0 : 0000000000000011\n[ 103.306882] Call trace:\n[ 103.309328] mt7915_get_phy_mode+0x68/0x120 [mt7915e]\n[ 103.314378] mt7915_bss_info_changed+0x198/0x200 [mt7915e]\n[ 103.319941] ieee80211_bss_info_change_notify+0x128/0x290 [mac80211]\n[ 103.326360] __ieee80211_sta_join_ibss+0x308/0x6c4 [mac80211]\n[ 103.332171] ieee80211_sta_create_ibss+0x8c/0x10c [mac80211]\n[ 103.337895] ieee80211_ibss_work+0x3dc/0x614 [mac80211]\n[ 103.343185] ieee80211_iface_work+0x388/0x3f0 [mac80211]\n[ 103.348495] process_one_work+0x288/0x690\n[ 103.352499] worker_thread+0x70/0x464\n[ 103.356157] kthread+0x144/0x150\n[ 103.359380] ret_from_fork+0x10/0x18\n[ 103.362952] Code: 394008c3 52800220 394000e4 7100007f (39400023)" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:54.561Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/932b338f4e5c4cb0c2ed640da3bced1e63620198" }, { "url": "https://git.kernel.org/stable/c/14b03b8cebdf18ff13c39d58501b625411314de2" }, { "url": "https://git.kernel.org/stable/c/6e53d6d26920d5221d3f4d4f5ffdd629ea69aa5c" } ], "title": "mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47540", "datePublished": "2024-05-24T15:09:47.256Z", "dateReserved": "2024-05-24T15:02:54.828Z", "dateUpdated": "2024-11-04T12:07:54.561Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47506
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
nfsd: fix use-after-free due to delegation race
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47506", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T17:04:47.932390Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:13:44.394Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.751Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/04a8d07f3d58308b92630045560799a3faa3ebce" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/348714018139c39533c55661a0c7c990671396b4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/33645d3e22720cac1e4548f8fef57bf0649536ee" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2becaa990b93cbd2928292c0b669d3abb6cf06d4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e0759696de6851d7536efddfdd2dfed4c4df1f09" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/eeb0711801f5e19ef654371b627682aed3b11373" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/148c816f10fd11df27ca6a9b3238cdd42fa72cd3" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/548ec0805c399c65ed66c6641be467f717833ab5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/nfsd/nfs4state.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "04a8d07f3d58", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "348714018139", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "33645d3e2272", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2becaa990b93", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "e0759696de68", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "eeb0711801f5", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "148c816f10fd", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "548ec0805c39", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/nfsd/nfs4state.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.296", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.294", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.259", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.222", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.168", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we\u0027ve called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I\u0027m not sure\nwhere the bug was introduced; it may have been there from the beginning." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:14.801Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/04a8d07f3d58308b92630045560799a3faa3ebce" }, { "url": "https://git.kernel.org/stable/c/348714018139c39533c55661a0c7c990671396b4" }, { "url": "https://git.kernel.org/stable/c/33645d3e22720cac1e4548f8fef57bf0649536ee" }, { "url": "https://git.kernel.org/stable/c/2becaa990b93cbd2928292c0b669d3abb6cf06d4" }, { "url": "https://git.kernel.org/stable/c/e0759696de6851d7536efddfdd2dfed4c4df1f09" }, { "url": "https://git.kernel.org/stable/c/eeb0711801f5e19ef654371b627682aed3b11373" }, { "url": "https://git.kernel.org/stable/c/148c816f10fd11df27ca6a9b3238cdd42fa72cd3" }, { "url": "https://git.kernel.org/stable/c/548ec0805c399c65ed66c6641be467f717833ab5" } ], "title": "nfsd: fix use-after-free due to delegation race", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47506", "datePublished": "2024-05-24T15:01:52.746Z", "dateReserved": "2024-05-22T06:20:56.205Z", "dateUpdated": "2024-11-04T12:07:14.801Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47557
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
net/sched: sch_ets: don't peek at classes beyond 'nbands'
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47557", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:15:45.533433Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:22.387Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.828Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ae2659d2c670252759ee9c823c4e039c0e05a6f2" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e25bdbc7e951ae5728fee1f4c09485df113d013c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/de6d25924c2a8c2988c6a385990cafbe742061bf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/sched/sch_ets.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ae2659d2c670", "status": "affected", "version": "dcc68b4d8084", "versionType": "git" }, { "lessThan": "e25bdbc7e951", "status": "affected", "version": "dcc68b4d8084", "versionType": "git" }, { "lessThan": "de6d25924c2a", "status": "affected", "version": "dcc68b4d8084", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/sched/sch_ets.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t peek at classes beyond \u0027nbands\u0027\n\nwhen the number of DRR classes decreases, the round-robin active list can\ncontain elements that have already been freed in ets_qdisc_change(). As a\nconsequence, it\u0027s possible to see a NULL dereference crash, caused by the\nattempt to call cl-\u003eqdisc-\u003eops-\u003epeek(cl-\u003eqdisc) when cl-\u003eqdisc is NULL:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 910 Comm: mausezahn Not tainted 5.16.0-rc1+ #475\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:ets_qdisc_dequeue+0x129/0x2c0 [sch_ets]\n Code: c5 01 41 39 ad e4 02 00 00 0f 87 18 ff ff ff 49 8b 85 c0 02 00 00 49 39 c4 0f 84 ba 00 00 00 49 8b ad c0 02 00 00 48 8b 7d 10 \u003c48\u003e 8b 47 18 48 8b 40 38 0f ae e8 ff d0 48 89 c3 48 85 c0 0f 84 9d\n RSP: 0000:ffffbb36c0b5fdd8 EFLAGS: 00010287\n RAX: ffff956678efed30 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff9b938dc9 RDI: 0000000000000000\n RBP: ffff956678efed30 R08: e2f3207fe360129c R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff956678efeac0\n R13: ffff956678efe800 R14: ffff956611545000 R15: ffff95667ac8f100\n FS: 00007f2aa9120740(0000) GS:ffff95667b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000018 CR3: 000000011070c000 CR4: 0000000000350ee0\n Call Trace:\n \u003cTASK\u003e\n qdisc_peek_dequeued+0x29/0x70 [sch_ets]\n tbf_dequeue+0x22/0x260 [sch_tbf]\n __qdisc_run+0x7f/0x630\n net_tx_action+0x290/0x4c0\n __do_softirq+0xee/0x4f8\n irq_exit_rcu+0xf4/0x130\n sysvec_apic_timer_interrupt+0x52/0xc0\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n RIP: 0033:0x7f2aa7fc9ad4\n Code: b9 ff ff 48 8b 54 24 18 48 83 c4 08 48 89 ee 48 89 df 5b 5d e9 ed fc ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa \u003c53\u003e 48 83 ec 10 48 8b 05 10 64 33 00 48 8b 00 48 85 c0 0f 85 84 00\n RSP: 002b:00007ffe5d33fab8 EFLAGS: 00000202\n RAX: 0000000000000002 RBX: 0000561f72c31460 RCX: 0000561f72c31720\n RDX: 0000000000000002 RSI: 0000561f72c31722 RDI: 0000561f72c31720\n RBP: 000000000000002a R08: 00007ffe5d33fa40 R09: 0000000000000014\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000561f7187e380\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000561f72c31460\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt intel_rapl_msr iTCO_vendor_support intel_rapl_common joydev virtio_balloon lpc_ich i2c_i801 i2c_smbus pcspkr ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel ahci libahci ghash_clmulni_intel serio_raw libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod\n CR2: 0000000000000018\n\nEnsuring that \u0027alist\u0027 was never zeroed [1] was not sufficient, we need to\nremove from the active list those elements that are no more SP nor DRR.\n\n[1] https://lore.kernel.org/netdev/60d274838bf09777f0371253416e8af71360bc08.1633609148.git.dcaratti@redhat.com/\n\nv3: fix race between ets_qdisc_change() and ets_qdisc_dequeue() delisting\n DRR classes beyond \u0027nbands\u0027 in ets_qdisc_change() with the qdisc lock\n acquired, thanks to Cong Wang.\n\nv2: when a NULL qdisc is found in the DRR active list, try to dequeue skb\n from the next list item." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:10.995Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ae2659d2c670252759ee9c823c4e039c0e05a6f2" }, { "url": "https://git.kernel.org/stable/c/e25bdbc7e951ae5728fee1f4c09485df113d013c" }, { "url": "https://git.kernel.org/stable/c/de6d25924c2a8c2988c6a385990cafbe742061bf" } ], "title": "net/sched: sch_ets: don\u0027t peek at classes beyond \u0027nbands\u0027", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47557", "datePublished": "2024-05-24T15:09:58.655Z", "dateReserved": "2024-05-24T15:02:54.834Z", "dateUpdated": "2024-11-04T12:08:10.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47554
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
vdpa_sim: avoid putting an uninitialized iova_domain
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47554", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:16:03.600031Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:31.147Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/vdpa/vdpa_sim/vdpa_sim.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e4d58ac67e63", "status": "affected", "version": "4080fc106750", "versionType": "git" }, { "lessThan": "bb93ce4b150d", "status": "affected", "version": "4080fc106750", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/vdpa/vdpa_sim/vdpa_sim.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.13" }, { "lessThan": "5.13", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa_sim: avoid putting an uninitialized iova_domain\n\nThe system will crash if we put an uninitialized iova_domain, this\ncould happen when an error occurs before initializing the iova_domain\nin vdpasim_create().\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n...\nRIP: 0010:__cpuhp_state_remove_instance+0x96/0x1c0\n...\nCall Trace:\n \u003cTASK\u003e\n put_iova_domain+0x29/0x220\n vdpasim_free+0xd1/0x120 [vdpa_sim]\n vdpa_release_dev+0x21/0x40 [vdpa]\n device_release+0x33/0x90\n kobject_release+0x63/0x160\n vdpasim_create+0x127/0x2a0 [vdpa_sim]\n vdpasim_net_dev_add+0x7d/0xfe [vdpa_sim_net]\n vdpa_nl_cmd_dev_add_set_doit+0xe1/0x1a0 [vdpa]\n genl_family_rcv_msg_doit+0x112/0x140\n genl_rcv_msg+0xdf/0x1d0\n ...\n\nSo we must make sure the iova_domain is already initialized before\nput it.\n\nIn addition, we may get the following warning in this case:\nWARNING: ... drivers/iommu/iova.c:344 iova_cache_put+0x58/0x70\n\nSo we must make sure the iova_cache_put() is invoked only if the\niova_cache_get() is already invoked. Let\u0027s fix it together." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:08.665Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e4d58ac67e63727aa45a4a26185876f598e8b3dd" }, { "url": "https://git.kernel.org/stable/c/bb93ce4b150dde79f58e34103cbd1fe829796649" } ], "title": "vdpa_sim: avoid putting an uninitialized iova_domain", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47554", "datePublished": "2024-05-24T15:09:56.614Z", "dateReserved": "2024-05-24T15:02:54.833Z", "dateUpdated": "2024-11-04T12:08:08.665Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47512
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
net/sched: fq_pie: prevent dismantle issue
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47512", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:36:33.443173Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:36:39.800Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.825Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a51edaf5cc563574878b93d7ef3d5955dda7030" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/d86216dfda7c98375f809e26a30bfdaaba21d46e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/61c2402665f1e10c5742033fce18392e369931d7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/sched/sch_fq_pie.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "2a51edaf5cc5", "status": "affected", "version": "ec97ecf1ebe4", "versionType": "git" }, { "lessThan": "d86216dfda7c", "status": "affected", "version": "ec97ecf1ebe4", "versionType": "git" }, { "lessThan": "61c2402665f1", "status": "affected", "version": "ec97ecf1ebe4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "net/sched/sch_fq_pie.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.6" }, { "lessThan": "5.6", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fq_pie: prevent dismantle issue\n\nFor some reason, fq_pie_destroy() did not copy\nworking code from pie_destroy() and other qdiscs,\nthus causing elusive bug.\n\nBefore calling del_timer_sync(\u0026q-\u003eadapt_timer),\nwe need to ensure timer will not rearm itself.\n\nrcu: INFO: rcu_preempt self-detected stall on CPU\nrcu: 0-....: (4416 ticks this GP) idle=60d/1/0x4000000000000000 softirq=10433/10434 fqs=2579\n (t=10501 jiffies g=13085 q=3989)\nNMI backtrace for cpu 0\nCPU: 0 PID: 13 Comm: ksoftirqd/0 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n nmi_cpu_backtrace.cold+0x47/0x144 lib/nmi_backtrace.c:111\n nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62\n trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]\n rcu_dump_cpu_stacks+0x25e/0x3f0 kernel/rcu/tree_stall.h:343\n print_cpu_stall kernel/rcu/tree_stall.h:627 [inline]\n check_cpu_stall kernel/rcu/tree_stall.h:711 [inline]\n rcu_pending kernel/rcu/tree.c:3878 [inline]\n rcu_sched_clock_irq.cold+0x9d/0x746 kernel/rcu/tree.c:2597\n update_process_times+0x16d/0x200 kernel/time/timer.c:1785\n tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:226\n tick_sched_timer+0x1b0/0x2d0 kernel/time/tick-sched.c:1428\n __run_hrtimer kernel/time/hrtimer.c:1685 [inline]\n __hrtimer_run_queues+0x1c0/0xe50 kernel/time/hrtimer.c:1749\n hrtimer_interrupt+0x31c/0x790 kernel/time/hrtimer.c:1811\n local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]\n __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103\n sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1097\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638\nRIP: 0010:write_comp_data kernel/kcov.c:221 [inline]\nRIP: 0010:__sanitizer_cov_trace_const_cmp1+0x1d/0x80 kernel/kcov.c:273\nCode: 54 c8 20 48 89 10 c3 66 0f 1f 44 00 00 53 41 89 fb 41 89 f1 bf 03 00 00 00 65 48 8b 0c 25 40 70 02 00 48 89 ce 4c 8b 54 24 08 \u003ce8\u003e 4e f7 ff ff 84 c0 74 51 48 8b 81 88 15 00 00 44 8b 81 84 15 00\nRSP: 0018:ffffc90000d27b28 EFLAGS: 00000246\nRAX: 0000000000000000 RBX: ffff888064bf1bf0 RCX: ffff888011928000\nRDX: ffff888011928000 RSI: ffff888011928000 RDI: 0000000000000003\nRBP: ffff888064bf1c28 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff875d8295 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff8880783dd300 R14: 0000000000000000 R15: 0000000000000000\n pie_calculate_probability+0x405/0x7c0 net/sched/sch_pie.c:418\n fq_pie_timer+0x170/0x2a0 net/sched/sch_fq_pie.c:383\n call_timer_fn+0x1a5/0x6b0 kernel/time/timer.c:1421\n expire_timers kernel/time/timer.c:1466 [inline]\n __run_timers.part.0+0x675/0xa20 kernel/time/timer.c:1734\n __run_timers kernel/time/timer.c:1715 [inline]\n run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1747\n __do_softirq+0x29b/0x9c2 kernel/softirq.c:558\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x2d/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x645/0x9c0 kernel/smpboot.c:164\n kthread+0x405/0x4f0 kernel/kthread.c:327\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:21.814Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/2a51edaf5cc563574878b93d7ef3d5955dda7030" }, { "url": "https://git.kernel.org/stable/c/d86216dfda7c98375f809e26a30bfdaaba21d46e" }, { "url": "https://git.kernel.org/stable/c/61c2402665f1e10c5742033fce18392e369931d7" } ], "title": "net/sched: fq_pie: prevent dismantle issue", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47512", "datePublished": "2024-05-24T15:09:27.356Z", "dateReserved": "2024-05-24T15:02:54.824Z", "dateUpdated": "2024-11-04T12:07:21.814Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47499
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47499", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:49.142206Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:23.165Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/iio/accel/kxcjk-1013.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "8c1d43f3a3fc", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "60a55b9d91ba", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "3899700ddacb", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "a3730f74159a", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "8c163a142771", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "ee86d0bad80b", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "14508fe13b1c", "status": "affected", "version": "a25691c1f967", "versionType": "git" }, { "lessThan": "70c9774e180d", "status": "affected", "version": "a25691c1f967", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/iio/accel/kxcjk-1013.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.2" }, { "lessThan": "4.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\n\nWhen ACPI type is ACPI_SMO8500, the data-\u003edready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\n\nunreferenced object 0xffff888009551400 (size 512):\n comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\n hex dump (first 32 bytes):\n 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\n backtrace:\n [\u003c0000000041ce75ee\u003e] kmem_cache_alloc_trace+0x16d/0x360\n [\u003c000000000aeb17b0\u003e] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n [\u003c000000004b40c1f5\u003e] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n [\u003c000000004375b15f\u003e] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\n\nFix it by remove data-\u003edready_trig condition in probe and remove." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:06.649Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc" }, { "url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15" }, { "url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307" }, { "url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45" }, { "url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb" }, { "url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320" }, { "url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c" }, { "url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215" } ], "title": "iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47499", "datePublished": "2024-05-24T15:01:42.684Z", "dateReserved": "2024-05-22T06:20:56.204Z", "dateUpdated": "2024-11-04T12:07:06.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47543
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{ "containers": { "cna": { "providerMetadata": { "dateUpdated": "2024-06-13T13:59:28.276Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "rejectedReasons": [ { "lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." } ] } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47543", "datePublished": "2024-05-24T15:09:49.228Z", "dateRejected": "2024-06-13T13:59:28.276Z", "dateReserved": "2024-05-24T15:02:54.829Z", "dateUpdated": "2024-06-13T13:59:28.276Z", "state": "REJECTED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47505
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
aio: fix use-after-free due to missing POLLFREE handling
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47505", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T18:37:27.922309Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-30T15:15:43.456Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.807Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/321fba81ec034f88aea4898993c1bf15605c023f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/4105e6a128e8a98455dfc9e6dbb2ab0c33c4497f" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/47ffefd88abfffe8a040bcc1dd0554d4ea6f7689" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/60d311f9e6381d779d7d53371f87285698ecee24" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/50252e4b5e989ce64555c7aef7516bdefc2fea72" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/aio.c", "include/uapi/asm-generic/poll.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "321fba81ec03", "status": "affected", "version": "2c14fa838cbe", "versionType": "git" }, { "lessThan": "4105e6a128e8", "status": "affected", "version": "2c14fa838cbe", "versionType": "git" }, { "lessThan": "47ffefd88abf", "status": "affected", "version": "2c14fa838cbe", "versionType": "git" }, { "lessThan": "60d311f9e638", "status": "affected", "version": "2c14fa838cbe", "versionType": "git" }, { "lessThan": "50252e4b5e98", "status": "affected", "version": "2c14fa838cbe", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/aio.c", "include/uapi/asm-generic/poll.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.18" }, { "lessThan": "4.18", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix use-after-free due to missing POLLFREE handling\n\nsignalfd_poll() and binder_poll() are special in that they use a\nwaitqueue whose lifetime is the current task, rather than the struct\nfile as is normally the case. This is okay for blocking polls, since a\nblocking poll occurs within one task; however, non-blocking polls\nrequire another solution. This solution is for the queue to be cleared\nbefore it is freed, by sending a POLLFREE notification to all waiters.\n\nUnfortunately, only eventpoll handles POLLFREE. A second type of\nnon-blocking poll, aio poll, was added in kernel v4.18, and it doesn\u0027t\nhandle POLLFREE. This allows a use-after-free to occur if a signalfd or\nbinder fd is polled with aio poll, and the waitqueue gets freed.\n\nFix this by making aio poll handle POLLFREE.\n\nA patch by Ramji Jiyani \u003cramjiyani@google.com\u003e\n(https://lore.kernel.org/r/20211027011834.2497484-1-ramjiyani@google.com)\ntried to do this by making aio_poll_wake() always complete the request\ninline if POLLFREE is seen. However, that solution had two bugs.\nFirst, it introduced a deadlock, as it unconditionally locked the aio\ncontext while holding the waitqueue lock, which inverts the normal\nlocking order. Second, it didn\u0027t consider that POLLFREE notifications\nare missed while the request has been temporarily de-queued.\n\nThe second problem was solved by my previous patch. This patch then\nproperly fixes the use-after-free by handling POLLFREE in a\ndeadlock-free way. It does this by taking advantage of the fact that\nfreeing of the waitqueue is RCU-delayed, similar to what eventpoll does." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:13.673Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/321fba81ec034f88aea4898993c1bf15605c023f" }, { "url": "https://git.kernel.org/stable/c/4105e6a128e8a98455dfc9e6dbb2ab0c33c4497f" }, { "url": "https://git.kernel.org/stable/c/47ffefd88abfffe8a040bcc1dd0554d4ea6f7689" }, { "url": "https://git.kernel.org/stable/c/60d311f9e6381d779d7d53371f87285698ecee24" }, { "url": "https://git.kernel.org/stable/c/50252e4b5e989ce64555c7aef7516bdefc2fea72" } ], "title": "aio: fix use-after-free due to missing POLLFREE handling", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47505", "datePublished": "2024-05-24T15:01:52.088Z", "dateReserved": "2024-05-22T06:20:56.205Z", "dateUpdated": "2024-11-04T12:07:13.673Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47503
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "1e434d2687e8 ", "status": "affected", "version": "05c6c029a44d", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "f8dccc1bdea7 ", "status": "affected", "version": "05c6c029a44d", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "653926205741 ", "status": "affected", "version": "f8dccc1bdea7 ", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThan": "5.11", "status": "unaffected", "version": "5.10.85", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "lessThanOrEqual": "5.16", "status": "unaffected", "version": "5.15.8", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "unaffected", "version": "5.16" } ] }, { "cpes": [ "cpe:2.3:o:linux:linux_kernel:5.10:-:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux_kernel", "vendor": "linux", "versions": [ { "status": "affected", "version": "5.10" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47503", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-28T15:53:11.089005Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T19:58:15.985Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.785Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1e434d2687e8bc0b3cdc9dd093c0e9047c0b4add" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f8dccc1bdea7e21b5ec06c957aef8831c772661c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/653926205741add87a6cf452e21950eebc6ac10b" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/scsi/pm8001/pm8001_init.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1e434d2687e8", "status": "affected", "version": "05c6c029a44d", "versionType": "git" }, { "lessThan": "f8dccc1bdea7", "status": "affected", "version": "05c6c029a44d", "versionType": "git" }, { "lessThan": "653926205741", "status": "affected", "version": "05c6c029a44d", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/scsi/pm8001/pm8001_init.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()\n\nCalling scsi_remove_host() before scsi_add_host() results in a crash:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000108\n RIP: 0010:device_del+0x63/0x440\n Call Trace:\n device_unregister+0x17/0x60\n scsi_remove_host+0xee/0x2a0\n pm8001_pci_probe+0x6ef/0x1b90 [pm80xx]\n local_pci_probe+0x3f/0x90\n\nWe cannot call scsi_remove_host() in pm8001_alloc() because scsi_add_host()\nhas not been called yet at that point in time.\n\nFunction call tree:\n\n pm8001_pci_probe()\n |\n `- pm8001_pci_alloc()\n | |\n | `- pm8001_alloc()\n | |\n | `- scsi_remove_host()\n |\n `- scsi_add_host()" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:11.264Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1e434d2687e8bc0b3cdc9dd093c0e9047c0b4add" }, { "url": "https://git.kernel.org/stable/c/f8dccc1bdea7e21b5ec06c957aef8831c772661c" }, { "url": "https://git.kernel.org/stable/c/653926205741add87a6cf452e21950eebc6ac10b" } ], "title": "scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47503", "datePublished": "2024-05-24T15:01:50.358Z", "dateReserved": "2024-05-22T06:20:56.205Z", "dateUpdated": "2024-11-04T12:07:11.264Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47521
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
can: sja1000: fix use after free in ems_pcmcia_add_card()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47521", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:55:46.664460Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:06.426Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.801Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/can/sja1000/ems_pcmcia.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "cbd86110546f", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "1dd5b819f7e4", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "c8718026ba28", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "ccf070183e46", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "1a295fea90e1", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "923f4dc5df67", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "474f9a8534f5", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" }, { "lessThan": "3ec6ca6b1a8e", "status": "affected", "version": "fd734c6f25ae", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/can/sja1000/ems_pcmcia.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "3.2" }, { "lessThan": "3.2", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.295", "versionType": "semver" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.293", "versionType": "semver" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.258", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.221", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.165", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.85", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: sja1000: fix use after free in ems_pcmcia_add_card()\n\nIf the last channel is not available then \"dev\" is freed. Fortunately,\nwe can just use \"pdev-\u003eirq\" instead.\n\nAlso we should check if at least one channel was set up." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:32.380Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4" }, { "url": "https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a" }, { "url": "https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36" }, { "url": "https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa" }, { "url": "https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec" }, { "url": "https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288" }, { "url": "https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce" }, { "url": "https://git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45" } ], "title": "can: sja1000: fix use after free in ems_pcmcia_add_card()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47521", "datePublished": "2024-05-24T15:09:34.457Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:32.380Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47528
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47528", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:34:41.402238Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:35:07.576Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.764Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/7d94bc8e335cb33918e52efdbe192c36707bfa24" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/37307f7020ab38dde0892a578249bf63d00bca64" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/usb/cdns3/cdnsp-mem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "7d94bc8e335c", "status": "affected", "version": "3d82904559f4", "versionType": "git" }, { "lessThan": "37307f7020ab", "status": "affected", "version": "3d82904559f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/usb/cdns3/cdnsp-mem.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()\n\nIn cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep-\u003ering\nand there is a dereference of it in cdnsp_endpoint_init(), which could\nlead to a NULL pointer dereference on failure of cdnsp_ring_alloc().\n\nFix this bug by adding a check of pep-\u003ering.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_USB_CDNSP_GADGET=y show no new warnings,\nand our static analyzer no longer warns about this code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:40.492Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/7d94bc8e335cb33918e52efdbe192c36707bfa24" }, { "url": "https://git.kernel.org/stable/c/37307f7020ab38dde0892a578249bf63d00bca64" } ], "title": "usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47528", "datePublished": "2024-05-24T15:09:39.357Z", "dateReserved": "2024-05-24T15:02:54.825Z", "dateUpdated": "2024-11-04T12:07:40.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47570
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
staging: r8188eu: fix a memory leak in rtw_wx_read32()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47570", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T19:36:08.708849Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T19:36:18.413Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.794Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c8d3775745adacf9784a7a80a82d047051752573" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/staging/r8188eu/os_dep/ioctl_linux.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "c8d3775745ad", "status": "affected", "version": "2b42bd58b321", "versionType": "git" }, { "lessThan": "be4ea8f38355", "status": "affected", "version": "2b42bd58b321", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/staging/r8188eu/os_dep/ioctl_linux.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.15" }, { "lessThan": "5.15", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: r8188eu: fix a memory leak in rtw_wx_read32()\n\nFree \"ptmp\" before returning -EINVAL." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:26.107Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/c8d3775745adacf9784a7a80a82d047051752573" }, { "url": "https://git.kernel.org/stable/c/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a" } ], "title": "staging: r8188eu: fix a memory leak in rtw_wx_read32()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47570", "datePublished": "2024-05-24T15:12:56.032Z", "dateReserved": "2024-05-24T15:11:00.729Z", "dateUpdated": "2024-11-04T12:08:26.107Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47555
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 20:18
Severity ?
EPSS score ?
Summary
net: vlan: fix underflow for the real_dev refcnt
References
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2021-47555", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-29T16:50:13.639283Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-04T20:18:51.592Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.857Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5e44178864b38dd70b877985abd7d86fdb95f27d" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/6e800ee43218a56acc93676bbb3d93b74779e555" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/f7fc72a508cf115c273a7a29350069def1041890" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/01d9cc2dea3fde3bad6d27f464eff463496e2b00" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/8021q/vlan.c", "net/8021q/vlan_dev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5e44178864b3", "status": "affected", "version": "700602b662d7", "versionType": "git" }, { "lessThan": "6e800ee43218", "status": "affected", "version": "e04a7a84bb77", "versionType": "git" }, { "lessThan": "f7fc72a508cf", "status": "affected", "version": "21032425c36f", "versionType": "git" }, { "lessThan": "01d9cc2dea3f", "status": "affected", "version": "563bcbae3ba2", "versionType": "git" } ] }, { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "net/8021q/vlan.c", "net/8021q/vlan_dev.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "5.4.163", "status": "affected", "version": "5.4.160", "versionType": "semver" }, { "lessThan": "5.10.83", "status": "affected", "version": "5.10.80", "versionType": "semver" }, { "lessThan": "5.15.6", "status": "affected", "version": "5.15.3", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vlan: fix underflow for the real_dev refcnt\n\nInject error before dev_hold(real_dev) in register_vlan_dev(),\nand execute the following testcase:\n\nip link add dev dummy1 type dummy\nip link add name dummy1.100 link dummy1 type vlan id 100\nip link del dev dummy1\n\nWhen the dummy netdevice is removed, we will get a WARNING as following:\n\n=======================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 2 PID: 0 at lib/refcount.c:31 refcount_warn_saturate+0xbf/0x1e0\n\nand an endless loop of:\n\n=======================================================================\nunregister_netdevice: waiting for dummy1 to become free. Usage count = -1073741824\n\nThat is because dev_put(real_dev) in vlan_dev_free() be called without\ndev_hold(real_dev) in register_vlan_dev(). It makes the refcnt of real_dev\nunderflow.\n\nMove the dev_hold(real_dev) to vlan_dev_init() which is the call-back of\nndo_init(). That makes dev_hold() and dev_put() for vlan\u0027s real_dev\nsymmetrical." } ], "providerMetadata": { "dateUpdated": "2024-11-04T11:43:32.799Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/5e44178864b38dd70b877985abd7d86fdb95f27d" }, { "url": "https://git.kernel.org/stable/c/6e800ee43218a56acc93676bbb3d93b74779e555" }, { "url": "https://git.kernel.org/stable/c/f7fc72a508cf115c273a7a29350069def1041890" }, { "url": "https://git.kernel.org/stable/c/01d9cc2dea3fde3bad6d27f464eff463496e2b00" } ], "title": "net: vlan: fix underflow for the real_dev refcnt", "x_generator": { "engine": "bippy-c8e10e5f6187" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47555", "datePublished": "2024-05-24T15:09:57.302Z", "dateReserved": "2024-05-24T15:02:54.833Z", "dateUpdated": "2024-11-04T20:18:51.592Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47562
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
ice: fix vsi->txq_map sizing
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47562", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T17:03:56.784042Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:36.415Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1eb5395add786613c7c5579d3947aa0b8f0ec241" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/992ba40a67638dfe2772b84dfc8168dc328d5c4c" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/792b2086584f25d84081a526beee80d103c2a913" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_lib.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1eb5395add78", "status": "affected", "version": "efc2214b6047", "versionType": "git" }, { "lessThan": "992ba40a6763", "status": "affected", "version": "efc2214b6047", "versionType": "git" }, { "lessThan": "792b2086584f", "status": "affected", "version": "efc2214b6047", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/intel/ice/ice_lib.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.5" }, { "lessThan": "5.5", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix vsi-\u003etxq_map sizing\n\nThe approach of having XDP queue per CPU regardless of user\u0027s setting\nexposed a hidden bug that could occur in case when Rx queue count differ\nfrom Tx queue count. Currently vsi-\u003etxq_map\u0027s size is equal to the\ndoubled vsi-\u003ealloc_txq, which is not correct due to the fact that XDP\nrings were previously based on the Rx queue count. Below splat can be\nseen when ethtool -L is used and XDP rings are configured:\n\n[ 682.875339] BUG: kernel NULL pointer dereference, address: 000000000000000f\n[ 682.883403] #PF: supervisor read access in kernel mode\n[ 682.889345] #PF: error_code(0x0000) - not-present page\n[ 682.895289] PGD 0 P4D 0\n[ 682.898218] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 682.903055] CPU: 42 PID: 2878 Comm: ethtool Tainted: G OE 5.15.0-rc5+ #1\n[ 682.912214] Hardware name: Intel Corp. GRANTLEY/GRANTLEY, BIOS GRRFCRB1.86B.0276.D07.1605190235 05/19/2016\n[ 682.923380] RIP: 0010:devres_remove+0x44/0x130\n[ 682.928527] Code: 49 89 f4 55 48 89 fd 4c 89 ff 53 48 83 ec 10 e8 92 b9 49 00 48 8b 9d a8 02 00 00 48 8d 8d a0 02 00 00 49 89 c2 48 39 cb 74 0f \u003c4c\u003e 3b 63 10 74 25 48 8b 5b 08 48 39 cb 75 f1 4c 89 ff 4c 89 d6 e8\n[ 682.950237] RSP: 0018:ffffc90006a679f0 EFLAGS: 00010002\n[ 682.956285] RAX: 0000000000000286 RBX: ffffffffffffffff RCX: ffff88908343a370\n[ 682.964538] RDX: 0000000000000001 RSI: ffffffff81690d60 RDI: 0000000000000000\n[ 682.972789] RBP: ffff88908343a0d0 R08: 0000000000000000 R09: 0000000000000000\n[ 682.981040] R10: 0000000000000286 R11: 3fffffffffffffff R12: ffffffff81690d60\n[ 682.989282] R13: ffffffff81690a00 R14: ffff8890819807a8 R15: ffff88908343a36c\n[ 682.997535] FS: 00007f08c7bfa740(0000) GS:ffff88a03fd00000(0000) knlGS:0000000000000000\n[ 683.006910] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 683.013557] CR2: 000000000000000f CR3: 0000001080a66003 CR4: 00000000003706e0\n[ 683.021819] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 683.030075] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 683.038336] Call Trace:\n[ 683.041167] devm_kfree+0x33/0x50\n[ 683.045004] ice_vsi_free_arrays+0x5e/0xc0 [ice]\n[ 683.050380] ice_vsi_rebuild+0x4c8/0x750 [ice]\n[ 683.055543] ice_vsi_recfg_qs+0x9a/0x110 [ice]\n[ 683.060697] ice_set_channels+0x14f/0x290 [ice]\n[ 683.065962] ethnl_set_channels+0x333/0x3f0\n[ 683.070807] genl_family_rcv_msg_doit+0xea/0x150\n[ 683.076152] genl_rcv_msg+0xde/0x1d0\n[ 683.080289] ? channels_prepare_data+0x60/0x60\n[ 683.085432] ? genl_get_cmd+0xd0/0xd0\n[ 683.089667] netlink_rcv_skb+0x50/0xf0\n[ 683.094006] genl_rcv+0x24/0x40\n[ 683.097638] netlink_unicast+0x239/0x340\n[ 683.102177] netlink_sendmsg+0x22e/0x470\n[ 683.106717] sock_sendmsg+0x5e/0x60\n[ 683.110756] __sys_sendto+0xee/0x150\n[ 683.114894] ? handle_mm_fault+0xd0/0x2a0\n[ 683.119535] ? do_user_addr_fault+0x1f3/0x690\n[ 683.134173] __x64_sys_sendto+0x25/0x30\n[ 683.148231] do_syscall_64+0x3b/0xc0\n[ 683.161992] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFix this by taking into account the value that num_possible_cpus()\nyields in addition to vsi-\u003ealloc_txq instead of doubling the latter." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:16.778Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1eb5395add786613c7c5579d3947aa0b8f0ec241" }, { "url": "https://git.kernel.org/stable/c/992ba40a67638dfe2772b84dfc8168dc328d5c4c" }, { "url": "https://git.kernel.org/stable/c/792b2086584f25d84081a526beee80d103c2a913" } ], "title": "ice: fix vsi-\u003etxq_map sizing", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47562", "datePublished": "2024-05-24T15:12:50.733Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:16.778Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47537
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
octeontx2-af: Fix a memleak bug in rvu_mbox_init()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47537", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-24T19:16:42.747816Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:14:05.942Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.663Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1c0ddef45b7e3dbe3ed073695d20faa572b7056a" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e07a097b4986afb8f925d0bb32612e1d3e88ce15" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/octeontx2/af/rvu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "1c0ddef45b7e", "status": "affected", "version": "98c561116360", "versionType": "git" }, { "lessThan": "e07a097b4986", "status": "affected", "version": "98c561116360", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/marvell/octeontx2/af/rvu.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.12" }, { "lessThan": "5.12", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix a memleak bug in rvu_mbox_init()\n\nIn rvu_mbox_init(), mbox_regions is not freed or passed out\nunder the switch-default region, which could lead to a memory leak.\n\nFix this bug by changing \u0027return err\u0027 to \u0027goto free_regions\u0027.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_OCTEONTX2_AF=y show no new warnings,\nand our static analyzer no longer warns about this code." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:50.962Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/1c0ddef45b7e3dbe3ed073695d20faa572b7056a" }, { "url": "https://git.kernel.org/stable/c/e07a097b4986afb8f925d0bb32612e1d3e88ce15" } ], "title": "octeontx2-af: Fix a memleak bug in rvu_mbox_init()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47537", "datePublished": "2024-05-24T15:09:45.298Z", "dateReserved": "2024-05-24T15:02:54.827Z", "dateUpdated": "2024-11-04T12:07:50.962Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47508
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-11-04 12:07
Severity ?
EPSS score ?
Summary
btrfs: free exchange changeset on failures
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.770Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/ca06c5cb1b6dbfe67655b33c02fc394d65824519" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/da5e817d9d75422eaaa05490d0b9a5e328fc1a51" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-47508", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-10T15:35:39.656794Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-11T17:33:22.299Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "fs/btrfs/delalloc-space.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "ca06c5cb1b6d", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "da5e817d9d75", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "fs/btrfs/delalloc-space.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.8", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: free exchange changeset on failures\n\nFstests runs on my VMs have show several kmemleak reports like the following.\n\n unreferenced object 0xffff88811ae59080 (size 64):\n comm \"xfs_io\", pid 12124, jiffies 4294987392 (age 6.368s)\n hex dump (first 32 bytes):\n 00 c0 1c 00 00 00 00 00 ff cf 1c 00 00 00 00 00 ................\n 90 97 e5 1a 81 88 ff ff 90 97 e5 1a 81 88 ff ff ................\n backtrace:\n [\u003c00000000ac0176d2\u003e] ulist_add_merge+0x60/0x150 [btrfs]\n [\u003c0000000076e9f312\u003e] set_state_bits+0x86/0xc0 [btrfs]\n [\u003c0000000014fe73d6\u003e] set_extent_bit+0x270/0x690 [btrfs]\n [\u003c000000004f675208\u003e] set_record_extent_bits+0x19/0x20 [btrfs]\n [\u003c00000000b96137b1\u003e] qgroup_reserve_data+0x274/0x310 [btrfs]\n [\u003c0000000057e9dcbb\u003e] btrfs_check_data_free_space+0x5c/0xa0 [btrfs]\n [\u003c0000000019c4511d\u003e] btrfs_delalloc_reserve_space+0x1b/0xa0 [btrfs]\n [\u003c000000006d37e007\u003e] btrfs_dio_iomap_begin+0x415/0x970 [btrfs]\n [\u003c00000000fb8a74b8\u003e] iomap_iter+0x161/0x1e0\n [\u003c0000000071dff6ff\u003e] __iomap_dio_rw+0x1df/0x700\n [\u003c000000002567ba53\u003e] iomap_dio_rw+0x5/0x20\n [\u003c0000000072e555f8\u003e] btrfs_file_write_iter+0x290/0x530 [btrfs]\n [\u003c000000005eb3d845\u003e] new_sync_write+0x106/0x180\n [\u003c000000003fb505bf\u003e] vfs_write+0x24d/0x2f0\n [\u003c000000009bb57d37\u003e] __x64_sys_pwrite64+0x69/0xa0\n [\u003c000000003eba3fdf\u003e] do_syscall_64+0x43/0x90\n\nIn case brtfs_qgroup_reserve_data() or btrfs_delalloc_reserve_metadata()\nfail the allocated extent_changeset will not be freed.\n\nSo in btrfs_check_data_free_space() and btrfs_delalloc_reserve_space()\nfree the allocated extent_changeset to get rid of the allocated memory.\n\nThe issue currently only happens in the direct IO write path, but only\nafter 65b3c08606e5 (\"btrfs: fix ENOSPC failure when attempting direct IO\nwrite into NOCOW range\"), and also at defrag_one_locked_target(). Every\nother place is always calling extent_changeset_free() even if its call\nto btrfs_delalloc_reserve_space() or btrfs_check_data_free_space() has\nfailed." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:07:17.141Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/ca06c5cb1b6dbfe67655b33c02fc394d65824519" }, { "url": "https://git.kernel.org/stable/c/da5e817d9d75422eaaa05490d0b9a5e328fc1a51" } ], "title": "btrfs: free exchange changeset on failures", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47508", "datePublished": "2024-05-24T15:01:54.048Z", "dateReserved": "2024-05-22T06:20:56.206Z", "dateUpdated": "2024-11-04T12:07:17.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47552
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47552", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-10T18:51:40.130772Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-10T18:51:50.154Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.804Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/e03513f58919d9e2bc6df765ca2c9da863d03d90" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/2a19b28f7929866e1cec92a3619f4de9f2d20005" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "block/blk-core.c", "block/blk-mq.c", "block/blk-mq.h", "block/blk-sysfs.c", "block/genhd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "e03513f58919", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" }, { "lessThan": "2a19b28f7929", "status": "affected", "version": "1da177e4c3f4", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "block/blk-core.c", "block/blk-mq.c", "block/blk-mq.h", "block/blk-sysfs.c", "block/genhd.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()\n\nFor avoiding to slow down queue destroy, we don\u0027t call\nblk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying to\ncancel dispatch work in blk_release_queue().\n\nHowever, this way has caused kernel oops[1], reported by Changhui. The log\nshows that scsi_device can be freed before running blk_release_queue(),\nwhich is expected too since scsi_device is released after the scsi disk\nis closed and the scsi_device is removed.\n\nFixes the issue by canceling blk-mq dispatch work in both blk_cleanup_queue()\nand disk_release():\n\n1) when disk_release() is run, the disk has been closed, and any sync\ndispatch activities have been done, so canceling dispatch work is enough to\nquiesce filesystem I/O dispatch activity.\n\n2) in blk_cleanup_queue(), we only focus on passthrough request, and\npassthrough request is always explicitly allocated \u0026 freed by\nits caller, so once queue is frozen, all sync dispatch activity\nfor passthrough request has been done, then it is enough to just cancel\ndispatch work for avoiding any dispatch activity.\n\n[1] kernel panic log\n[12622.769416] BUG: kernel NULL pointer dereference, address: 0000000000000300\n[12622.777186] #PF: supervisor read access in kernel mode\n[12622.782918] #PF: error_code(0x0000) - not-present page\n[12622.788649] PGD 0 P4D 0\n[12622.791474] Oops: 0000 [#1] PREEMPT SMP PTI\n[12622.796138] CPU: 10 PID: 744 Comm: kworker/10:1H Kdump: loaded Not tainted 5.15.0+ #1\n[12622.804877] Hardware name: Dell Inc. PowerEdge R730/0H21J3, BIOS 1.5.4 10/002/2015\n[12622.813321] Workqueue: kblockd blk_mq_run_work_fn\n[12622.818572] RIP: 0010:sbitmap_get+0x75/0x190\n[12622.823336] Code: 85 80 00 00 00 41 8b 57 08 85 d2 0f 84 b1 00 00 00 45 31 e4 48 63 cd 48 8d 1c 49 48 c1 e3 06 49 03 5f 10 4c 8d 6b 40 83 f0 01 \u003c48\u003e 8b 33 44 89 f2 4c 89 ef 0f b6 c8 e8 fa f3 ff ff 83 f8 ff 75 58\n[12622.844290] RSP: 0018:ffffb00a446dbd40 EFLAGS: 00010202\n[12622.850120] RAX: 0000000000000001 RBX: 0000000000000300 RCX: 0000000000000004\n[12622.858082] RDX: 0000000000000006 RSI: 0000000000000082 RDI: ffffa0b7a2dfe030\n[12622.866042] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffa0b742721334\n[12622.874003] R10: 0000000000000008 R11: 0000000000000008 R12: 0000000000000000\n[12622.881964] R13: 0000000000000340 R14: 0000000000000000 R15: ffffa0b7a2dfe030\n[12622.889926] FS: 0000000000000000(0000) GS:ffffa0baafb40000(0000) knlGS:0000000000000000\n[12622.898956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[12622.905367] CR2: 0000000000000300 CR3: 0000000641210001 CR4: 00000000001706e0\n[12622.913328] Call Trace:\n[12622.916055] \u003cTASK\u003e\n[12622.918394] scsi_mq_get_budget+0x1a/0x110\n[12622.922969] __blk_mq_do_dispatch_sched+0x1d4/0x320\n[12622.928404] ? pick_next_task_fair+0x39/0x390\n[12622.933268] __blk_mq_sched_dispatch_requests+0xf4/0x140\n[12622.939194] blk_mq_sched_dispatch_requests+0x30/0x60\n[12622.944829] __blk_mq_run_hw_queue+0x30/0xa0\n[12622.949593] process_one_work+0x1e8/0x3c0\n[12622.954059] worker_thread+0x50/0x3b0\n[12622.958144] ? rescuer_thread+0x370/0x370\n[12622.962616] kthread+0x158/0x180\n[12622.966218] ? set_kthread_struct+0x40/0x40\n[12622.970884] ret_from_fork+0x22/0x30\n[12622.974875] \u003c/TASK\u003e\n[12622.977309] Modules linked in: scsi_debug rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs sunrpc dm_multipath intel_rapl_msr intel_rapl_common dell_wmi_descriptor sb_edac rfkill video x86_pkg_temp_thermal intel_powerclamp dcdbas coretemp kvm_intel kvm mgag200 irqbypass i2c_algo_bit rapl drm_kms_helper ipmi_ssif intel_cstate intel_uncore syscopyarea sysfillrect sysimgblt fb_sys_fops pcspkr cec mei_me lpc_ich mei ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter drm fuse xfs libcrc32c sr_mod cdrom sd_mod t10_pi sg ixgbe ahci libahci crct10dif_pclmul crc32_pclmul crc32c_intel libata megaraid_sas ghash_clmulni_intel tg3 wdat_w\n---truncated---" } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:06.272Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/e03513f58919d9e2bc6df765ca2c9da863d03d90" }, { "url": "https://git.kernel.org/stable/c/2a19b28f7929866e1cec92a3619f4de9f2d20005" } ], "title": "blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47552", "datePublished": "2024-05-24T15:09:55.295Z", "dateReserved": "2024-05-24T15:02:54.832Z", "dateUpdated": "2024-11-04T12:08:06.272Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-47567
Vulnerability from cvelistv5
Published
2024-05-24 15:12
Modified
2024-11-04 12:08
Severity ?
EPSS score ?
Summary
powerpc/32: Fix hardlockup on vmap stack overflow
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-47567", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-17T17:34:28.307539Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-17T17:34:41.747Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T05:39:59.830Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/dfe906da9a1abebdebe8b15bb3e66a2578f6c4c7" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/c4e3ff8b8b1d54f0c755670174c453b06e17114b" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5bb60ea611db1e04814426ed4bd1c95d1487678e" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/head_32.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "dfe906da9a1a", "status": "affected", "version": "c118c7303ad5", "versionType": "git" }, { "lessThan": "c4e3ff8b8b1d", "status": "affected", "version": "c118c7303ad5", "versionType": "git" }, { "lessThan": "5bb60ea611db", "status": "affected", "version": "c118c7303ad5", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "arch/powerpc/kernel/head_32.h" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.10" }, { "lessThan": "5.10", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.83", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.6", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/32: Fix hardlockup on vmap stack overflow\n\nSince the commit c118c7303ad5 (\"powerpc/32: Fix vmap stack - Do not\nactivate MMU before reading task struct\") a vmap stack overflow\nresults in a hard lockup. This is because emergency_ctx is still\naddressed with its virtual address allthough data MMU is not active\nanymore at that time.\n\nFix it by using a physical address instead." } ], "providerMetadata": { "dateUpdated": "2024-11-04T12:08:22.660Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/dfe906da9a1abebdebe8b15bb3e66a2578f6c4c7" }, { "url": "https://git.kernel.org/stable/c/c4e3ff8b8b1d54f0c755670174c453b06e17114b" }, { "url": "https://git.kernel.org/stable/c/5bb60ea611db1e04814426ed4bd1c95d1487678e" } ], "title": "powerpc/32: Fix hardlockup on vmap stack overflow", "x_generator": { "engine": "bippy-9e1c9544281a" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2021-47567", "datePublished": "2024-05-24T15:12:54.081Z", "dateReserved": "2024-05-24T15:11:00.728Z", "dateUpdated": "2024-11-04T12:08:22.660Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.