Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ecfc3181 by Salvatore Bonaccorso at 2024-05-22T10:59:02+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,119 @@ +CVE-2021-47498 [dm rq: don't queue request to blk-mq during DM suspend] + - linux 5.14.16-1 + NOTE: https://git.kernel.org/linus/b4459b11e84092658fa195a2587aff3b9637f0e7 (5.15-rc6) +CVE-2021-47497 [nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells] + - linux 5.14.16-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9 (5.15-rc6) +CVE-2021-47496 [net/tls: Fix flipped sign in tls_err_abort() calls] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/da353fac65fede6b8b4cfe207f0d9408e3121105 (5.15) +CVE-2021-47495 [usbnet: sanity check for maxpacket] + - linux 5.14.16-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/397430b50a363d8b7bdda00522123f82df6adc5e (5.15-rc7) +CVE-2021-47494 [cfg80211: fix management registrations locking] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/09b1d5dc6ce1c9151777f6c4e128a59457704c97 (5.15) +CVE-2021-47493 [ocfs2: fix race between searching chunks and release journal_head from buffer_head] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/6f1b228529ae49b0f85ab89bcdb6c365df401558 (5.15) +CVE-2021-47492 [mm, thp: bail out early in collapse_file for writeback page] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/74c42e1baacf206338b1dd6b6199ac964512b5bb (5.15) +CVE-2021-47491 [mm: khugepaged: skip huge page collapse for special files] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/a4aeaa06d45e90f9b279f0b09de84bd00006e733 (5.15) +CVE-2021-47490 [drm/ttm: fix memleak in ttm_transfered_destroy] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/0db55f9a1bafbe3dac750ea669de9134922389b5 (5.15) +CVE-2021-47489 [drm/amdgpu: Fix even more out of bound writes from debugfs] + - linux 5.15.3-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5 (5.15) +CVE-2021-47488 [cgroup: Fix memory leak caused by missing cgroup_bpf_offline] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/04f8ef5643bcd8bcde25dfdebef998aea480b2ba (5.15) +CVE-2021-47487 [drm/amdgpu: fix out of bounds write] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/5afa7898ab7a0ec9c28556a91df714bf3c2f725e (5.15) +CVE-2021-47486 [riscv, bpf: Fix potential NULL dereference] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/27de809a3d83a6199664479ebb19712533d6fd9b (5.15) +CVE-2021-47485 [IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/d39bf40e55e666b5905fdbd46a0dced030ce87be (5.15) +CVE-2021-47484 [octeontx2-af: Fix possible null pointer dereference.] + - linux 5.15.3-1 + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/c2d4c543f74c90f883e8ec62a31973ae8807d354 (5.15) +CVE-2021-47483 [regmap: Fix possible double-free in regcache_rbtree_exit()] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/55e6d8037805b3400096d621091dfbf713f97e83 (5.15) +CVE-2021-47482 [net: batman-adv: fix error handling] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/6f68cd634856f8ca93bafd623ba5357e0f648c68 (5.15) +CVE-2021-47481 [RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR] + - linux 5.15.3-1 + [bullseye] - linux <not-affected> (Vulnerable code not present) + [buster] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/5508546631a0f555d7088203dec2614e41b5106e (5.15) +CVE-2021-47480 [scsi: core: Put LLD module refcnt after SCSI device is released] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/f2b85040acec9a928b4eb1b57a989324e8e38d3f (5.15-rc7) +CVE-2021-47479 [staging: rtl8712: fix use-after-free in rtl8712_dl_fw] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + NOTE: https://git.kernel.org/linus/c052cc1a069c3e575619cf64ec427eb41176ca70 (5.16-rc1) +CVE-2021-47478 [isofs: Fix out of bound access for corrupted isofs image] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/e96a1866b40570b5950cda8602c2819189c62a48 (5.16-rc1) +CVE-2021-47477 [comedi: dt9812: fix DMA buffers on stack] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/536de747bc48262225889a533db6650731ab25d3 (5.16-rc1) +CVE-2021-47476 [comedi: ni_usb6501: fix NULL-deref in command paths] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/907767da8f3a925b060c740e0b5c92ea7dbec440 (5.16-rc1) +CVE-2021-47475 [comedi: vmk80xx: fix transfer-buffer overflows] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/a23461c47482fc232ffc9b819539d1f837adf2b1 (5.16-rc1) +CVE-2021-47474 [comedi: vmk80xx: fix bulk-buffer overflow] + - linux 5.15.3-1 + [bullseye] - linux 5.10.84-1 + [buster] - linux 4.19.232-1 + NOTE: https://git.kernel.org/linus/78cdfd62bd54af615fba9e3ca1ba35de39d3871d (5.16-rc1) CVE-2024-5190 REJECTED CVE-2024-5147 (The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecfc3181e7118075e59dddca19ecbf258545b612 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecfc3181e7118075e59dddca19ecbf258545b612 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
