Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4496ffc1 by Salvatore Bonaccorso at 2024-03-04T20:48:22+01:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,133 @@ +CVE-2021-47108 [drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3b8e19a0aa3933a785be9f1541afd8d398c4ec69 (5.16-rc7) +CVE-2021-47107 [NFSD: Fix READDIR buffer overflow] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/53b1119a6e5028b125f431a0116ba73510d82a72 (5.16-rc7) +CVE-2021-47106 [netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0f7d9b31ce7abdbb29bf018131ac920c9f698518 (5.16-rc7) +CVE-2021-47105 [ice: xsk: return xsk buffers back to pool when cleaning the ring] + - linux 5.15.15-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05 (5.16-rc7) +CVE-2021-47104 [IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/bee90911e0138c76ee67458ac0d58b38a3190f65 (5.16-rc7) +CVE-2021-47103 [inet: fully convert sk->sk_rx_dst to RCU rules] + - linux 5.15.15-1 + [bullseye] - linux 5.10.158-1 + [buster] - linux 4.19.269-1 + NOTE: https://git.kernel.org/linus/8f905c0e7354ef261360fb7535ea079b1082c105 (5.16-rc7) +CVE-2021-47102 [net: marvell: prestera: fix incorrect structure access] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2efc2256febf214e7b2bdaa21fe6c3c3146acdcb (5.16-rc7) +CVE-2021-47101 [asix: fix uninit-value in asix_mdio_read()] + - linux 5.15.15-1 + NOTE: https://git.kernel.org/linus/8035b1a2a37a29d8c717ef84fca8fe7278bc9f03 (5.16-rc7) +CVE-2021-47100 [ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/ffb76a86f8096a8206be03b14adda6092e18e275 (5.16-rc7) +CVE-2021-47099 [veth: ensure skb entering GRO are not cloned.] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/9695b7de5b4760ed22132aca919570c0190cb0ce (5.16-rc7) +CVE-2021-47098 [hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/55840b9eae5367b5d5b29619dc2fb7e4596dba46 (5.16-rc7) +CVE-2021-47097 [Input: elantech - fix stack out of bound access in elantech_change_report_id()] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/1d72d9f960ccf1052a0630a68c3d358791dbdaaa (5.16-rc7) +CVE-2021-47096 [ALSA: rawmidi - fix the uninitalized user_pversion] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/39a8fc4971a00d22536aeb7d446ee4a97810611b (5.16-rc7) +CVE-2021-47095 [ipmi: ssif: initialize ssif_info->client early] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/34f35f8f14bc406efc06ee4ff73202c6fd245d15 (5.16-rc7) +CVE-2021-47094 [KVM: x86/mmu: Don't advance iterator after restart due to yielding] + - linux 5.15.15-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3a0f64de479cae75effb630a2e0a237ca0d0623c (5.16-rc7) +CVE-2021-47093 [platform/x86: intel_pmc_core: fix memleak on registration failure] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/26a8b09437804fabfb1db080d676b96c0de68e7c (5.16-rc7) +CVE-2021-47092 [KVM: VMX: Always clear vmx->fail on emulation_required] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a80dfc025924024d2c61a4c1b8ef62b2fce76a04 (5.16-rc7) +CVE-2021-47091 [mac80211: fix locking in ieee80211_start_ap error path] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/87a270625a89fc841f1a7e21aae6176543d8385c (5.16-rc7) +CVE-2021-47090 [mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/2a57d83c78f889bf3f54eede908d0643c40d5418 (5.16-rc7) +CVE-2021-47089 [kfence: fix memory leak when cat kfence objects] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/0129ab1f268b6cf88825eae819b9b84aa0a85634 (5.16-rc7) +CVE-2021-47088 [mm/damon/dbgfs: protect targets destructions with kdamond_lock] + - linux 5.15.15-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/34796417964b8d0aef45a99cf6c2d20cebe33733 (5.16-rc7) +CVE-2021-47087 [tee: optee: Fix incorrect page free bug] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/18549bf4b21c739a9def39f27dcac53e27286ab5 (5.16-rc7) +CVE-2021-47086 [phonet/pep: refuse to enable an unbound pipe] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/75a2f31520095600f650597c0ac41f48b5ba0068 (5.16-rc7) +CVE-2021-47085 [hamradio: improve the incomplete fix to avoid NPD] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/b2f37aead1b82a770c48b5d583f35ec22aabb61e (5.16-rc7) +CVE-2021-47084 [hamradio: defer ax25 kfree after unregister_netdev] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/3e0588c291d6ce225f2b891753ca41d45ba42469 (5.16-rc1) +CVE-2021-47083 [pinctrl: mediatek: fix global-out-of-bounds issue] + - linux 5.15.15-1 + [bullseye] - linux 5.10.92-1 + NOTE: https://git.kernel.org/linus/2d5446da5acecf9c67db1c9d55ae2c3e5de01f8d (5.16-rc7) +CVE-2021-47082 [tun: avoid double free in tun_free_netdev] + - linux 5.15.15-1 + [bullseye] - linux 5.10.136-1 + [buster] - linux 4.19.282-1 + NOTE: https://git.kernel.org/linus/158b515f703e75e7d68289bf4d98c664e1d632df (5.16-rc7) CVE-2024-2156 (A vulnerability was found in SourceCodester Best POS Management System ...) NOT-FOR-US: SourceCodester Best POS Management System CVE-2024-2155 (A vulnerability was found in SourceCodester Best POS Management System ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4496ffc1be9794f109b9bf9c5996bd0ae9f67909 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4496ffc1be9794f109b9bf9c5996bd0ae9f67909 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
