Lucene search

K

Linux Kernel Security Vulnerabilities

cve
cve

CVE-2021-47321

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47323

In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47329

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix resource leak in case of probe failure The driver doesn't clean up all the allocated resources properly when scsi_add_host(), megasas_start_aen() function fails during the PCI device probe. Clean up all...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47320

In the Linux kernel, the following vulnerability has been resolved: nfs: fix acl memory leak of posix_acl_create() When looking into another nfs xfstests report, I found acl and default_acl in nfs3_proc_create() and nfs3_proc_mknod() error paths are possibly leaked. Fix them in...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47328

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47319

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk->vqs should be freed before we call init_vqs() in...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: arch_topology: Avoid use-after-free for scale_freq_data Currently topology_scale_freq_tick() (which gets called from scheduler_tick()) may end up using a pointer to "struct scale_freq_data", which was previously cleared by...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47324

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47325

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling paths of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the function...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT Fix an Oopsable condition in pnfs_mark_request_commit() when we're putting a set of writes on the commit list to reschedule them after a failed pNFS...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47330

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' is leaking. Add a resource handling path to free this...

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47327

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails arm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the refcount of the "smmu" even though the return value is less than 0. The reference.....

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47315

In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of IO mapping on probe failure On probe error the driver should unmap the IO memory. Smatch reports: drivers/memory/fsl_ifc.c:298 fsl_ifc_ctrl_probe() warn: 'fsl_ifc_ctrl_dev->gregs' not released on...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47305

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sync_file: Don't leak fences on merge failure Each add_fence() call does a dma_fence_get() on the relevant fence. In the error path, we weren't calling dma_fence_put() so all those fences got leaked. Also, in the...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47311

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47307

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL deref in cifs_compose_mount_options() The optional @ref parameter might contain an NULL node_name, so prevent dereferencing it in cifs_compose_mount_options(). Addresses-Coverity: 1476408 ("Explicit null...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47314

In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of private memory on probe failure On probe error the driver should free the memory allocated for private structure. Fix this by using resource-managed...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47316

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix NULL dereference in nfs3svc_encode_getaclres In error cases the dentry may be NULL. Before 20798dfe249a, the encoder also checked dentry and d_really_is_positive(dentry), but that looks like overkill to me--zero status...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47304

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized This commit fixes a bug (found by syzkaller) that could cause spurious double-initializations for congestion control modules, which could cause memory leaks or other...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47306

In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fza_probe fp is netdev private data and it cannot be used after free_netdev() call. Using fp after free_netdev() can cause UAF bug. Fix it by moving free_netdev() after error message. TURBOchannel...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47312

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix dereference of null pointer flow In the case where chain->flags & NFT_CHAIN_HW_OFFLOAD is false then nft_flow_rule_create is not called and flow is NULL. The subsequent error handling execution via labe...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47308

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix array index out of bound exception Fix array index out of bound exception in...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47310

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47313

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix potential memleak in cppc_cpufreq_cpu_init It's a classic example of memleak, we allocate something, we fail and never free the resources. Make sure we free all resources on policy ->init()...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47303

In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling map_poke_track(), but on program release there is no hook to call map_poke_untrack(). However, on program release, the aux memory (and...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate->data before returning from skb_tunnel_info() skb_tunnel_info() returns pointer of lwtstate->data as ip_tunnel_info type without validation. lwtstate->data can have various types such as mpls_iptunne...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47293

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $.....

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47300

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tail_call_reachable rejection for interpreter when jit failed During testing of f263a81451c1 ("bpf: Track subprog poke descriptors correctly and fix use-after-free") under various failure conditions, for example, when...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47301

In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47295

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). The problem was in non-freed perfect hash in tcindex_partial_destroy_work(). In tcindex_set_parms() new tcindex_data...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47297

In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we cann't just judge.....

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47299

In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link(). At this point, dev_xdp_uninstall() is called. Then xdp link will not be detached automatically when dev.....

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47290

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 ("scsi: target: core: Make completion affinity configurable") makes target_complete_cmd() queue work on a CPU based on...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47292

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memleak in io_init_wq_offload() I got memory leak report when doing fuzz test: BUG: memory leak unreferenced object 0xffff888107310a80 (size 96): comm "syz-executor.6", pid 4610, jiffies 4295140240 (age 20.135s) hex.....

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47291

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 ("ipv6: Fix...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47294

In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use sock timer API. It replaces mod_timer() by sk_reset_timer(), and del_timer() by sk_stop_timer()....

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47296

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak vcpu_put is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47302

In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igc_poll() runs while the controller is being reset...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
32
cve
cve

CVE-2021-47298

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix potential memory leak on unlikely error case If skb_linearize is needed and fails we could leak a msg on the error handling. To fix ensure we kfree the msg block before returning error. Found during code...

6.9AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47279

In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47283

In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI or legacy IRQ interrupts. In the last one, the interrupt was not properly released on module remove. It was not freed....

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47284

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized and is bigger than zero. A subsequent call to 'nj_release' will free the irq that has not been.....

6.4AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47286

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value between 0 and 255. In order to prevent any out of bound...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47278

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pci_generic: Fix possible use-after-free in mhi_pci_remove() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still....

6.6AI Score

0.0004EPSS

2024-05-21 03:15 PM
27
cve
cve

CVE-2021-47280

In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read in drm_getunique() There is a time-of-check-to-time-of-use error in drm_getunique() due to retrieving file_priv->master prior to locking the device's master mutex. An example can be seen in the crash...

6.5AI Score

0.0004EPSS

2024-05-21 03:15 PM
29
cve
cve

CVE-2021-47282

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 ("spi: bcm2835: Cache CS register value for ->prepare_message()") limited the number of slaves to 3 at compile-time. The limitation was...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47277

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address (gpa) to a host virtual address using the right-shifted gpa (also known as gfn)....

6.3AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47285

In the Linux kernel, the following vulnerability has been resolved: net/nfc/rawsock.c: fix a permission check bug The function rawsock_create() calls a privileged function sk_alloc(), which requires a ns-aware check to check net->user_ns, i.e., ns_capable(). However, the original code checks the...

6.8AI Score

0.0004EPSS

2024-05-21 03:15 PM
30
cve
cve

CVE-2021-47287

In the Linux kernel, the following vulnerability has been resolved: driver core: auxiliary bus: Fix memory leak when driver_register() fail If driver_register() returns with error we need to free the memory allocated for auxdrv->driver.name before returning from...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
cve
cve

CVE-2021-47289

In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ("ACPI: utils: Fix reference counting in for_each_acpi_dev_match()") started doing "acpi_dev_put()" on a pointer that was possibly NULL. That fails miserably, because that...

6.7AI Score

0.0004EPSS

2024-05-21 03:15 PM
28
Total number of security vulnerabilities8362