7.8
CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays.
4.4
CVE-2023-52733 - kernel: s390/decompressor: specify __decompress() buf len to avoid overflow
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.8
CVE-2021-47303 - bpf: Track subprog poke descriptors correctly and fix use-after-free
In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling map_poke_track(), but on program release there is no hook to call map_poke_untrack(). However, on program release, the aux memory (and pβ¦
5.5
CVE-2021-47299 - xdp, net: Fix use-after-free in bpf_xdp_link_release
In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link(). At this point, dev_xdp_uninstall() is called. Then xdp link will not be detached automatically when devβ¦
7.8
CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwaβ¦
5.5
CVE-2021-47279 - usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource()
In the Linux kernel, the following vulnerability has been resolved: usb: misc: brcmstb-usb-pinmap: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
6.2
CVE-2021-47224 - net: ll_temac: Make sure to free skb when it is completely used
In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple and efficient way to free the skb buffer when the frame has been transmitted. But in order to avoid β¦
5.5
CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULLβ¦
5.5
CVE-2023-52808 - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs
In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfs_remove_recursive() is called, after which debugfs_dir is not set tβ¦
5.5
CVE-2021-47405 - HID: usbhid: free raw_report buffers in usbhid_stop
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8cβ¦