7.8
CVE-2021-47204 - net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove Access to netdev after free_netdev() will cause use-after-free bug. Move debug log before free_netdev() call to avoid it.
7.1
CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() The following warning was observed running syzkaller: [ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in; [ 3813.830724] pโฆ
4.4
CVE-2021-47185 - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc When running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup, which look like this one: Workqueue: events_unbound flush_to_ldisc Cโฆ
5.5
CVE-2021-47182 - scsi: core: Fix scsi_mode_sense() buffer length handling
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsi_mode_sense() buffer length handling Several problems exist with scsi_mode_sense() buffer length handling: 1) The allocation length field of the MODE SENSE(10) command is 16-bits, occupying bytes 7 and 8โฆ
5.3
CVE-2021-47192 - scsi: core: sysfs: Fix hang when device state is set via sysfs
In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero after offlinining device") The problem is that after iSCSI recovery, โฆ
6.1
CVE-2021-47213 - kernel: NFSD: Fix exposure in nfsd4_decode_bitmap()
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2021-47203 - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" string is set and a loโฆ
5.5
CVE-2021-47197 - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() Prior to this patch in case mlx5_core_destroy_cq() failed it proceeds to rest of destroy operations. mlx5_core_destroy_cq() could be called again by user and cause addiโฆ
8.8
CVE-2024-26362 -
HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.
6.5
CVE-2024-29502 -
An issue in Secure Lockdown Multi Application Edition v2.00.219 allows attackers to read arbitrary files via using UNC paths.