VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2021-47172MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug…

  • CVE-2021-47171MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: []…

  • CVE-2021-47170MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large.…

  • CVE-2021-47169MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' In 'rp2_probe', the driver registers 'rp2_uart_interrupt' then calls 'rp2_fw_cb' through 'request_firmware_nowait'. In 'rp2_fw_cb', if…

  • CVE-2021-47168MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFHSIZE because that's the size of the…

  • CVE-2021-47167MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oopsable condition in __nfs_pageio_add_request() Ensure that nfs_pageio_error_cleanup() resets the mirror array contents, so that the structure reflects the fact that it is now empty. Also change…

  • CVE-2021-47166MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush out the requests on the list.

  • CVE-2021-47165MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: …

  • CVE-2021-47164MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev It could be the lag dev is null so stop processing the event. In bond_enslave() the active/backup slave being set before setting the upper dev so first event is…

  • CVE-2021-47163MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are done On some host, a crash could be triggered simply by repeating these commands several times: # modprobe tipc # tipc bearer enable media udp name UDP1…

  • CVE-2021-47162MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tipc: skb_linearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's frag_list if the frag_list already has skbs from elsewhere, such as this skb was created by…

  • CVE-2021-47161MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in the error handling path of the probe function, as already done in the…

  • CVE-2021-47159MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it "count" is a negative error code such as -EOPNOTSUPP. Because "i" is an unsigned int, the negative error code is…

  • CVE-2021-47158MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup() If any of sja1105_static_config_load(), sja1105_clocking_setup() or sja1105_devlink_setup() fails, we can't just return in the middle of sja1105_setup()…

  • CVE-2021-47152MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem…

  • CVE-2021-47151MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak.

  • CVE-2021-47150MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the…

  • CVE-2021-47149MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18x_get_hwinfo(), if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of…

  • CVE-2021-47146MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack() mld_newpack() doesn't allow to allocate high order page, only order-0 allocation is allowed. If headroom size is too large, a kernel panic could occur in skb_put(). Test…

  • CVE-2021-47145MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 [#1] SMP NOPTI CPU: 1 PID: 7836 Comm:…

  • CVE-2021-47143MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcd_dev_list after failed device_add() If the device_add() for a smcd_dev fails, there's no cleanup step that rolls back the earlier list_add(). The device subsequently gets freed,…

  • CVE-2021-47142MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a use-after-free looks like we forget to set ttm->sg to NULL. Hit panic below [ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP…

  • CVE-2021-47141MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors. If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors) this could lead to a…

  • CVE-2021-47139MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: put off calling register_netdev() until client initialize complete Currently, the netdevice is registered before client initializing complete. So there is a timewindow between netdevice available…

  • CVE-2021-47136MedMar 25, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: zero-initialize tc skb extension on allocation Function skb_ext_add() doesn't initialize created skb extension with any value and leaves it up to the user. However, since extension of type TC_SKB_EXT…

  • CVE-2024-26643MedMar 21, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it…

  • CVE-2024-26642MedMar 21, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

  • CVE-2024-26641MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() syzbot found __ip6_tnl_rcv() could access unitiliazed data [1]. Call pskb_inet_may_pull() to fix this, and initialize ipv6h variable after this…

  • CVE-2024-26640MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these additional checks: - Page…

  • CVE-2024-26637MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: rely on mac80211 debugfs handling for vif mac80211 started to delete debugfs entries in certain cases, causing a ath11k to crash when it tried to delete the entries later. Fix this by relying on…

  • CVE-2024-26636MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of Ethernet header [1] …

  • CVE-2024-26635MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2 (0x0011), and syzbot abused the latter to trigger the…

  • CVE-2024-26634MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside of init_net get…

  • CVE-2024-26633MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled enough bytes to…

  • CVE-2024-26632MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we've reached the end of…

  • CVE-2023-52619MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will…

  • CVE-2023-52616MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init When the mpi_ec_ctx structure is initialized, some fields are not cleared, causing a crash when referencing the field when the structure was…

  • CVE-2023-52615MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This triggers when the user reads from /dev/hwrng into memory also mmap-ed from /dev/hwrng. The…

  • CVE-2023-52613MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment PTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz->type is…

  • CVE-2023-52611MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo…

  • CVE-2023-52610MedMar 18, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags act_ct adds skb->users before defragmentation. If frags arrive in order, the last frag's reference is reset in: inet_frag_reasm_prepare skb_morph …

  • CVE-2021-47134MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setup_arch() would invoke efi_init()->efi_get_fdt_params(). If no valid fdt found then initial_boot_params will be null. So we should stop further fdt processing…

  • CVE-2021-47133MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix memory leak in amd_sfh_work Kmemleak tool detected a memory leak in the amd_sfh driver. ==================== unreferenced object 0xffff88810228ada0 (size 32): comm "insmod", pid 3968,…

  • CVE-2021-47128MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a ("security,lockdown,selinux: implement SELinux lockdown") added an implementation of the locked_down LSM hook to SELinux,…

  • CVE-2021-47127MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ice: track AF_XDP ZC enabled queues in bitmap Commit c7a219048e45 ("ice: Remove xsk_buff_pool from VSI structure") silently introduced a regression and broke the Tx side of AF_XDP in copy mode. xsk_pool on…

  • CVE-2021-47126MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree: …

  • CVE-2021-47125MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereference on a null new_q") fixes a NULL pointer dereference bug, but it is not correct. Because…

  • CVE-2021-47124MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix link timeout refs WARNING: CPU: 0 PID: 10242 at lib/refcount.c:28 refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 RIP: 0010:refcount_warn_saturate+0x15b/0x1a0 lib/refcount.c:28 Call Trace: …

  • CVE-2021-47122MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caif_device_notify In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error

  • CVE-2021-47121MedMar 15, 2024
    risk 0.36cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbl_device_notify In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error.

Page 189 of 320