Lucene search

K

Linux Kernel Security Vulnerabilities

cve
cve

CVE-2021-47379

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: [693354.104835] ================================================================== [693354.105094]...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
31
cve
cve

CVE-2021-47376

In the Linux kernel, the following vulnerability has been resolved: bpf: Add oversize check before call kvcalloc() Commit 7661809d493b ("mm: don't allow oversized kvmalloc() calls") add the oversize check. When the allocation is larger than what kmalloc() supports, the following warning triggered:....

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
30
cve
cve

CVE-2021-47378

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cm_id before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA connection...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47371

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks [1] that can be reduced to the following commands: # ip nexthop add id 1 blackhole # devlink dev reload pci/0000:06:00.0 As part...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47382

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 ("s390/qeth: fix deadlock during recovery") removed taking discipline_mutex inside qeth_do_reset(), fixing potential deadlocks. An error path was missed though,...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
26
cve
cve

CVE-2021-47372

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use after free on rmmod plat_dev->dev->platform_data is released by platform_device_unregister(), use of pclk and hclk is a use-after-free. Since device unregister won't need a clk device we adjust the function...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47373

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the number of VPEs...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
30
cve
cve

CVE-2021-47380

In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix potential NULL pointer dereference devm_add_action_or_reset() can suddenly invoke amd_mp2_pci_remove() at registration that will cause NULL pointer dereference since corresponding data is not initialized yet. The....

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47383

In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct containing only the fields xres, yres, and bits_per_pixel with...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization. During the subsequent initialization, set_power_state gets called to transition to the final power state....

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
32
cve
cve

CVE-2021-47367

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix pages leaking when building skb in big mode We try to use build_skb() if we had sufficient tailroom. But we forget to release the unused pages chained via private in big mode which will leak pages. Fixing this by...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() compat_insnlist() handles the 32-bit version of the COMEDI_INSNLIST ioctl (whenwhen CONFIG_COMPAT is enabled). It allocates memory to temporarily hold an array of struct comedi_insn...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47365

In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak There's a loop in afs_extend_writeback() that adds extra pages to a write we want to make to improve the efficiency of the writeback by making it larger. This loop stops, however, if we hit a page we can't...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47359

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system got hung. [ 130.698396] watchdog: BUG: soft lockup - CPU#6 stuck for...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47360

In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to....

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
26
cve
cve

CVE-2021-47361

In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: 1) If ida_simple_get() fails then this code calls put_device(carrier) but we haven't yet called get_device(carrier) and probably that leads to a use after free....

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
26
cve
cve

CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47357

In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in ia_module_exit() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47358

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: uart: fix tty use after free User space can hold a tty open indefinitely and tty drivers must not release the underlying structures until the last user is gone. Switch to using the tty-port reference counter to...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47363

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fib_nexthop.sh exposed a possible division by zero while replacing a resilient group [1]. The division by zero occurs...

6.3AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47368

In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_proc_show(). Since...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
31
cve
cve

CVE-2021-47369

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix NULL deref in qeth_clear_working_pool_list() When qeth_set_online() calls qeth_clear_working_pool_list() to roll back after an error exit from qeth_hardsetup_card(), we are at risk of accessing card->qdio.in_q...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47370

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info->size_goal - skb->len > 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of t...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
31
cve
cve

CVE-2021-47346

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etf: Fix global-out-of-bounds in tmc_update_etf_buffer() commit 6f755e85c332 ("coresight: Add helper for inserting synchronization packets") removed trailing '\0' from barrier_pkt array and updated the call sites...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
31
cve
cve

CVE-2021-47345

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix rdma_resolve_route() memory leak Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id". This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47352

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47354

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47355

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstar_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47347

In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed...

7.2AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47348

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid HDCP over-read and corruption Instead of reading the desired 5 bytes of the actual target field, the code was reading 8. This could result in a corrupted value if the trailing 3 bytes were non-zero, so...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47351

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix races between xattr_{set|get} and listxattr operations UBIFS may occur some problems with concurrent xattr_{set|get} and listxattr operations, such as assertion failure, memory corruption, stale xattr value[1]. Fix it...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47344

In the Linux kernel, the following vulnerability has been resolved: media: zr364xx: fix memory leak in zr364xx_start_readpipe syzbot reported memory leak in zr364xx driver. The problem was in non-freed urb in case of usb_submit_urb() fail. backtrace: [] kmalloc include/linux/slab.h:561...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47349

In the Linux kernel, the following vulnerability has been resolved: mwifiex: bring down link before deleting interface We can deadlock when rmmod'ing the driver or going through firmware reset, because the cfg80211_unregister_wdev() has to bring down the link for us, ... which then grab the same...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47350

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function is_exec_fault() will return 'false' when an exec fault is taken by kernel, because the...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
30
cve
cve

CVE-2021-47353

In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the value of sb_getblk...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47356

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47336

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso() Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: [PATCH] smackfs:...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47339

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers......

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47332

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Don't call free_pages_exact() with NULL address Unlike some other functions, we can't pass NULL pointer to free_pages_exact(). Add a proper NULL check for avoiding possible...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47333

In the Linux kernel, the following vulnerability has been resolved: misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPM(optional) capability checking function. A device might be attached to root complex directly, in this case, bus->self(bridge) will be...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47341

In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregister_coalesced_mmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalesced_mmio.c:183 Read of size 8 at...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47342

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47331

In the Linux kernel, the following vulnerability has been resolved: usb: common: usb-conn-gpio: fix NULL pointer dereference of charger When power on system with OTG cable, IDDIG's interrupt arises before the charger registration, it will cause a NULL pointer dereference, fix the issue by...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47343

In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to IO read error (e.g. read the content of origin block fails during shadowing), and the value of shadow_spine::root is...

6.4AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47334

In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device(), and....

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
26
cve
cve

CVE-2021-47337

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 ("scsi: core: Fix error handling of scsi_host_alloc()") changed the allocation logic to call put_device() to perform host cleanup with...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47340

In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear: struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap *imap = JFS_IP(ipimap)->i_imap; JF...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47338

In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of fb_delete_videomode() is not based on the result of the previous fbcon_mode_deleted(). As a result, the mode is directly deleted, regardless of whether it is...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47335

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 (in kfence-#10): ...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47317

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: Fix detecting BPF atomic instructions Commit 91c960b0056672 ("bpf: Rename BPF_XADD and prepare to encode other atomics in .imm") converted BPF_XADD to BPF_ATOMIC and added a way to distinguish instructions based on...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
Total number of security vulnerabilities8362