2 matches found
CVE-2021-46959
CVE-2021-46959 is a Linux kernel SPI subsystem use-after-free issue (devm_spi_alloc_{master,slave}) caused by relying on the devres list during spi_unregister_controller. The root cause is that devres_find() runs after the devres list has been torn down, leading to underflow of reference counters...
CVE-2023-53433
CVE-2023-53433 affects the Linux kernel’s VLAN handling. The issue arises from the change to add a new helper, vlan_get_protocol_and_depth(), to fix callers that relied on skb->head for MAC header data. Before the fix, code paths used pskb_may_pull() instead of skb_header_pointer() in __vlan_g...