54 matches found
CVE-2021-3491
The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was...
UVI-2021-1000261 ASoC: q6afe-clocks: fix reprobing of the driver
ASoC: q6afe-clocks: fix reprobing of the driver This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000254 mt76: mt7915: fix tx skb dma unmap
mt76: mt7915: fix tx skb dma unmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit e2cdc9cb33c5963efe1a7c022753386f9463d1b7, i...
UVI-2021-1000262 powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration
powerpc: Fix HAVEHARDLOCKUPDETECTORARCH build configuration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000237 mt76: mt7915: fix memleak when mt7915_unregister_device()
mt76: mt7915: fix memleak when mt7915unregisterdevice This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000241 i2c: xiic: fix reference leak when pm_runtime_get_sync fails
i2c: xiic: fix reference leak when pmruntimegetsync fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000228 net/sched: act_ct: fix wild memory access when clearing fragments
net/sched: actct: fix wild memory access when clearing fragments This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000275 drm/amd/display: Fix off by one in hdmi_14_process_transaction()
drm/amd/display: Fix off by one in hdmi14processtransaction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000257 powerpc/64s: Fix pte update for kernel memory on radix
powerpc/64s: Fix pte update for kernel memory on radix This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000270 drm/amd/display: Free local data after use
drm/amd/display: Free local data after use This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000290 mtd: require write permissions for locking and badblock ioctls
mtd: require write permissions for locking and badblock ioctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000265 io_uring: fix overflows checks in provide buffers
iouring: fix overflows checks in provide buffers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000242 i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails
i2c: stm32f7: fix reference leak when pmruntimegetsync fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000273 sched/fair: Fix shift-out-of-bounds in load_balance()
sched/fair: Fix shift-out-of-bounds in loadbalance This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000231 ath10k: Fix a use after free in ath10k_htc_send_bundle
ath10k: Fix a use after free in ath10khtcsendbundle This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000228 net/sched: act_ct: fix wild memory access when clearing fragments
net/sched: actct: fix wild memory access when clearing fragments This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000309 net/nfc: fix use-after-free llcp_sock_bind/connect
net/nfc: fix use-after-free llcpsockbind/connect This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000272 media: venus: core: Fix some resource leaks in the error path of 'venus_probe()'
media: venus: core: Fix some resource leaks in the error path of 'venusprobe' This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000240 vsock/virtio: free queued packets when closing socket
vsock/virtio: free queued packets when closing socket This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000288 soundwire: stream: fix memory leak in stream config error path
soundwire: stream: fix memory leak in stream config error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...