7.8
CVE-2021-47357 - atm: iphase: fix possible use-after-free in ia_module_exit()
In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in ia_module_exit() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be runniβ¦
7.7
CVE-2021-47356 - mISDN: fix possible use-after-free in HFC_cleanup()
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after β¦
7.8
CVE-2021-47355 - atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstar_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be runβ¦
7.8
CVE-2021-47352 - virtio-net: Add validation for used length
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.
5.5
CVE-2021-47325 - iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling paths of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the function forβ¦
7.8
CVE-2021-47321 - watchdog: Fix possible use-after-free by calling del_timer_sync()
In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be β¦
7.0
CVE-2021-47281 - ALSA: seq: Fix race of snd_seq_timer_open()
In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of snd_seq_timer_open() The timer instance per queue is exclusive, and snd_seq_timer_open() should have managed the concurrent accesses. It looks as if it's checking the already existing timer instance at theβ¦
5.5
CVE-2021-47258 - scsi: core: Fix error handling of scsi_host_alloc()
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsi_host_alloc() After device is initialized via device_initialize(), or its name is set via dev_set_name(), the device has to be freed via put_device(). Otherwise device name will be leaked beβ¦
5.5
CVE-2021-47330 - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' is leaking. Add a resource handling path to free this memory.
7.8
CVE-2023-52854 - padata: Fix refcnt handling in padata_free_shell()
In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead to system UAF (Use-After-Free) issues. Due to the lengthy analysis of the pcrypt_aead01 function call, I'β¦