Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6170a53b by Salvatore Bonaccorso at 2024-03-01T22:46:55+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,49 @@ +CVE-2021-47081 [habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/115726c5d312b462c9d9931ea42becdfa838a076 (5.13-rc3) +CVE-2021-47080 [RDMA/core: Prevent divide-by-zero error triggered by the user] + - linux 5.10.40-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/54d87913f147a983589923c7f651f97de9af5be1 (5.13-rc3) +CVE-2021-47079 [platform/x86: ideapad-laptop: fix a NULL pointer dereference] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/ff67dbd554b2aaa22be933eced32610ff90209dd (5.13-rc3) +CVE-2021-47078 [RDMA/rxe: Clear all QP fields if creation failed] + - linux 5.10.40-1 + [buster] - linux 4.19.194-1 + NOTE: https://git.kernel.org/linus/67f29896fdc83298eed5a6576ff8f9873f709228 (5.13-rc3) +CVE-2021-47077 [scsi: qedf: Add pointer checks in qedf_update_link_speed()] + - linux 5.10.40-1 + NOTE: https://git.kernel.org/linus/73578af92a0fae6609b955fcc9113e50e413c80f (5.13-rc3) +CVE-2021-47076 [RDMA/rxe: Return CQE error if invalid lkey was supplied] + - linux 5.14.6-1 + NOTE: https://git.kernel.org/linus/dc07628bd2bbc1da768e265192c28ebd301f509d (5.13-rc3) +CVE-2021-47075 [nvmet: fix memory leak in nvmet_alloc_ctrl()] + - linux 5.10.40-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/fec356a61aa3d3a66416b4321f1279e09e0f256f (5.13-rc3) +CVE-2021-47074 [nvme-loop: fix memory leak in nvme_loop_create_ctrl()] + - linux 5.10.40-1 + NOTE: https://git.kernel.org/linus/03504e3b54cc8118cc26c064e60a0b00c2308708 (5.13-rc3) +CVE-2021-47073 [platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios] + - linux 5.10.40-1 + [buster] - linux 4.19.194-1 + NOTE: https://git.kernel.org/linus/3a53587423d25c87af4b4126a806a0575104b45e (5.13-rc3) +CVE-2021-47072 [btrfs: fix removed dentries still existing after log is synced] + - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/54a40fc3a1da21b52dbf19f72fdc27a2ec740760 (5.13-rc3) +CVE-2021-47071 [uio_hv_generic: Fix a memory leak in error handling paths] + - linux 5.10.40-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3ee098f96b8b6c1a98f7f97915f8873164e6af9d (5.13-rc3) +CVE-2021-47070 [uio_hv_generic: Fix another memory leak in error handling paths] + - linux 5.14.6-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0b0226be3a52dadd965644bc52a807961c2c26df (5.13-rc3) +CVE-2021-47069 [ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry] + - linux 5.10.40-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a11ddb37bf367e6b5239b95ca759e5389bb46048 (5.13-rc3) CVE-2024-2078 (A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ ...) NOT-FOR-US: HelpDeskZ CVE-2024-2077 (A vulnerability classified as critical has been found in SourceCodeste ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6170a53b90ba3d1dccf0556a7f394b948e6262bf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6170a53b90ba3d1dccf0556a7f394b948e6262bf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
