[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 28 13:19:28 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ff8e90b by Salvatore Bonaccorso at 2024-02-28T14:18:55+01:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,324 @@
+CVE-2021-47053 [crypto: sun8i-ss - Fix memory leak of pad]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/50274b01ac1689b1a3f6bc4b5b3dbf361a55dd3a (5.13-rc1)
+CVE-2021-47052 [crypto: sa2ul - Fix memory leak of rxd]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/854b7737199848a91f6adfa0a03cf6f0c46c86e8 (5.13-rc1)
+CVE-2021-47051 [spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a03675497970a93fcf25d81d9d92a59c2d7377a7 (5.13-rc1)
+CVE-2021-47050 [memory: renesas-rpc-if: fix possible NULL pointer dereference of resource]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/59e27d7c94aa02da039b000d33c304c179395801 (5.13-rc1)
+CVE-2021-47049 [Drivers: hv: vmbus: Use after free in __vmbus_open()]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/3e9bf43f7f7a46f21ec071cb47be92d0874c48da (5.13-rc1)
+CVE-2021-47048 [spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a2c5bedb2d55dd27c642c7b9fb6886d7ad7bdb58 (5.13-rc1)
+CVE-2021-47047 [spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/126bdb606fd2802454e6048caef1be3e25dd121e (5.13-rc1)
+CVE-2021-47046 [drm/amd/display: Fix off by one in hdmi_14_process_transaction()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8e6fafd5a22e7a2eb216f5510db7aab54cc545c1 (5.13-rc1)
+CVE-2021-47045 [scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8dd1c125f7f838abad009b64bff5f0a11afe3cb6 (5.13-rc1)
+CVE-2021-47044 [sched/fair: Fix shift-out-of-bounds in load_balance()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/39a2a6eb5c9b66ea7c8055026303b3aa681b49a5 (5.13-rc1)
+CVE-2021-47043 [media: venus: core: Fix some resource leaks in the error path of 'venus_probe()']
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5a465c5391a856a0c1e9554964d660676c35d1b2 (5.13-rc1)
+CVE-2021-47042 [drm/amd/display: Free local data after use]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/616cf23b6cf40ad6f03ffbddfa1b6c4eb68d8ae1 (5.13-rc1)
+CVE-2021-47041 [nvmet-tcp: fix incorrect locking in state_change sk callback]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b5332a9f3f3d884a1b646ce155e664cc558c1722 (5.13-rc1)
+CVE-2021-47040 [io_uring: fix overflows checks in provide buffers]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/38134ada0ceea3e848fe993263c0ff6207fd46e7 (5.13-rc1)
+CVE-2021-47039 [ataflop: potential out of bounds in do_format()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1ffec389a6431782a8a28805830b6fae9bf00af1 (5.13-rc1)
+CVE-2021-47038 [Bluetooth: avoid deadlock between hci_dev->lock and socket lock]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/17486960d79b900c45e0bb8fbcac0262848582ba (5.13-rc1)
+CVE-2021-47037 [ASoC: q6afe-clocks: fix reprobing of the driver]
+ - linux 5.14.6-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/96fadf7e8ff49fdb74754801228942b67c3eeebd (5.13-rc4)
+CVE-2021-47036 [udp: skip L4 aggregation for UDP tunnel packets]
+ - linux 5.14.6-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/18f25dc399901426dff61e676ba603ff52c666f7 (5.13-rc1)
+CVE-2021-47035 [iommu/vt-d: Remove WO permissions on second-level paging entries]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/eea53c5816889ee8b64544fa2e9311a81184ff9c (5.13-rc1)
+CVE-2021-47034 [powerpc/64s: Fix pte update for kernel memory on radix]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/b8b2f37cf632434456182e9002d63cbc4cccc50c (5.13-rc1)
+CVE-2021-47033 [mt76: mt7615: fix tx skb dma unmap]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ebee7885bb12a8fe2c2f9bac87dbd87a05b645f9 (5.13-rc1)
+CVE-2021-47032 [mt76: mt7915: fix tx skb dma unmap]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7dcf3c04f0aca746517a77433b33d40868ca4749 (5.13-rc1)
+CVE-2021-47031 [mt76: mt7921: fix memory leak in mt7921_coredump_work]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/782b3e86ea970e899f8e723db9f64708a15ca30e (5.13-rc1)
+CVE-2021-47030 [mt76: mt7615: fix memory leak in mt7615_coredump_work]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/49cc85059a2cb656f96ff3693f891e8fe8f669a9 (5.13-rc1)
+CVE-2021-47029 [mt76: connac: fix kernel warning adding monitor interface]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c996f0346e40e3b1ac2ebaf0681df898fb157f60 (5.13-rc1)
+CVE-2021-47028 [mt76: mt7915: fix txrate reporting]
+ - linux 5.14.6-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f43b941fd61003659a3f0e039595e5e525917aa8 (5.13-rc1)
+CVE-2021-47027 [mt76: mt7921: fix kernel crash when the firmware fails to download]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e230f0c44f011f3270680a506b19b7e84c5e8923 (5.13-rc1)
+CVE-2021-47026 [RDMA/rtrs-clt: destroy sysfs after removing session from active list]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7f4a8592ff29f19c5a2ca549d0973821319afaad (5.13-rc1)
+CVE-2021-47025 [iommu/mediatek: Always enable the clk on resume]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b34ea31fe013569d42b7e8681ef3f717f77c5b72 (5.13-rc1)
+CVE-2021-47024 [vsock/virtio: free queued packets when closing socket]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/8432b8114957235f42e070a16118a7f750de9d39 (5.13-rc1)
+CVE-2021-47023 [net: marvell: prestera: fix port event handling on init]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/333980481b99edb24ebd5d1a53af70a15d9146de (5.13-rc1)
+CVE-2021-47022 [mt76: mt7615: fix memleak when mt7615_unregister_device()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8ab31da7b89f71c4c2defcca989fab7b42f87d71 (5.13-rc1)
+CVE-2021-47021 [mt76: mt7915: fix memleak when mt7915_unregister_device()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e9d32af478cfc3744a45245c0b126738af4b3ac4 (5.13-rc1)
+CVE-2021-47019 [mt76: mt7921: fix possible invalid register access]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/fe3fccde8870764ba3e60610774bd7bc9f8faeff (5.13-rc1)
+CVE-2021-47018 [powerpc/64: Fix the definition of the fixmap area]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9ccba66d4d2aff9a3909aa77d57ea8b7cc166f3c (5.13-rc1)
+CVE-2021-47017 [ath10k: Fix a use after free in ath10k_htc_send_bundle]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8392df5d7e0b6a7d21440da1fc259f9938f4dec3 (5.13-rc1)
+CVE-2021-47015 [bnxt_en: Fix RX consumer index logic in the error path.]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/bbd6f0a948139970f4a615dff189d9a503681a39 (5.13-rc1)
+CVE-2021-47014 [net/sched: act_ct: fix wild memory access when clearing fragments]
+ - linux 5.14.6-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f77bd544a6bbe69aa50d9ed09f13494cf36ff806 (5.13-rc1)
+CVE-2021-47013 [net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/6d72e7c767acbbdd44ebc7d89c6690b405b32b57 (5.13-rc1)
+CVE-2021-47012 [RDMA/siw: Fix a use after free in siw_alloc_mr]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3093ee182f01689b89e9f8797b321603e5de4f63 (5.13-rc1)
+CVE-2021-47011 [mm: memcontrol: slab: fix obtain a reference to a freeing memcg]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9f38f03ae8d5f57371b71aa6b4275765b65454fd (5.13-rc1)
+CVE-2021-47010 [net: Only allow init netns to set default tcp cong to a restricted algo]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/8d432592f30fcc34ef5a10aac4887b4897884493 (5.13-rc1)
+CVE-2021-47009 [KEYS: trusted: Fix memory leak on object td]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/83a775d5f9bfda95b1c295f95a3a041a40c7f321 (5.13-rc2)
+CVE-2021-47008 [KVM: SVM: Make sure GHCB is mapped before updating]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a3ba26ecfb569f4aa3f867e80c02aa65f20aadad (5.13-rc1)
+CVE-2021-47007 [f2fs: fix panic during f2fs_resize_fs()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3ab0598e6d860ef49d029943ba80f627c15c15d6 (5.13-rc1)
+CVE-2021-47006 [ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/a506bd5756290821a4314f502b4bafc2afcf5260 (5.13-rc1)
+CVE-2021-47005 [PCI: endpoint: Fix NULL pointer dereference for ->get_features()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6613bc2301ba291a1c5a90e1dc24cf3edf223c03 (5.13-rc1)
+CVE-2021-47004 [f2fs: fix to avoid touching checkpointed data in get_victim()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/61461fc921b756ae16e64243f72af2bfc2e620db (5.13-rc1)
+CVE-2021-47003 [dmaengine: idxd: Fix potential null dereference on pointer status]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/28ac8e03c43dfc6a703aa420d18222540b801120 (5.13-rc1)
+CVE-2021-47002 [SUNRPC: Fix null pointer dereference in svc_rqst_free()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b9f83ffaa0c096b4c832a43964fe6bff3acffe10 (5.13-rc1)
+CVE-2021-47001 [xprtrdma: Fix cwnd update ordering]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/35d8b10a25884050bb3b0149b62c3818ec59f77c (5.13-rc1)
+CVE-2021-47000 [ceph: fix inode leak on getattr error in __fh_to_dentry]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1775c7ddacfcea29051c67409087578f8f4d751b (5.13-rc1)
+CVE-2021-46999 [sctp: do asoc update earlier in sctp_sf_do_dupcook_a]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/35b4f24415c854cd718ccdf38dbea6297f010aae (5.13-rc1)
+CVE-2021-46998 [ethernet:enic: Fix a use after free bug in enic_hard_start_xmit]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/643001b47adc844ae33510c4bb93c236667008a3 (5.13-rc1)
+CVE-2021-46997 [arm64: entry: always set GIC_PRIO_PSR_I_SET during entry]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4d6a38da8e79e94cbd1344aa90876f0f805db705 (5.13-rc1)
+CVE-2021-46996 [netfilter: nftables: Fix a memleak from userdata error path in new objects]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/85dfd816fabfc16e71786eda0a33a7046688b5b0 (5.13-rc1)
+CVE-2021-46995 [can: mcp251xfd: mcp251xfd_probe(): fix an error pointer dereference in probe]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4cc7faa406975b460aa674606291dea197c1210c (5.13-rc1)
+CVE-2021-46994 [can: mcp251x: fix resume from sleep before interface was brought up]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/03c427147b2d3e503af258711af4fc792b89b0af (5.13-rc1)
+CVE-2021-46993 [sched: Fix out-of-bound access in uclamp]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6d2f8909a5fabb73fe2a63918117943986c39b6c (5.13-rc1)
+CVE-2021-46992 [netfilter: nftables: avoid overflows in nft_hash_buckets()]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/a54754ec9891830ba548e2010c889e3c8146e449 (5.13-rc1)
+CVE-2021-46991 [i40e: Fix use-after-free in i40e_client_subtask()]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/38318f23a7ef86a8b1862e5e8078c4de121960c3 (5.13-rc1)
+CVE-2021-46990 [powerpc/64s: Fix crashes when toggling entry flush barrier]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/aec86b052df6541cc97c5fca44e5934cbea4963b (5.13-rc2)
+CVE-2021-46989 [hfsplus: prevent corruption in shrinking truncate]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c3187cf32216313fb316084efac4dab3a8459b1d (5.13-rc2)
+CVE-2021-46988 [userfaultfd: release page in error path to avoid BUG_ON]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/7ed9d238c7dbb1fdb63ad96a6184985151b0171c (5.13-rc2)
+CVE-2021-46987 [btrfs: fix deadlock when cloning inline extents and using qgroups]
+ - linux 5.14.6-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f9baa501b4fd6962257853d46ddffbc21f27e344 (5.13-rc2)
+CVE-2021-46986 [usb: dwc3: gadget: Free gadget structure only after freeing endpoints]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bb9c74a5bd1462499fe5ccb1e3c5ac40dcfa9139 (5.13-rc2)
+CVE-2021-46985 [ACPI: scan: Fix a memory leak in an error handling path]
+ - linux 5.10.38-1
+ [buster] - linux 4.19.194-1
+ NOTE: https://git.kernel.org/linus/0c8bd174f0fc131bc9dfab35cd8784f59045da87 (5.13-rc2)
+CVE-2021-46984 [kyber: fix out of bounds access when preempted]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/efed9a3337e341bd0989161b97453b52567bc59d (5.13-rc2)
+CVE-2021-46983 [nvmet-rdma: Fix NULL deref when SEND is completed with error]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8cc365f9559b86802afc0208389f5c8d46b4ad61 (5.13-rc2)
+CVE-2021-46982 [f2fs: compress: fix race condition of overwrite vs truncate]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a949dc5f2c5cfe0c910b664650f45371254c0744 (5.13-rc2)
+CVE-2021-46981 [nbd: Fix NULL pointer in flush_workqueue]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/79ebe9110fa458d58f1fceb078e2068d7ad37390 (5.13-rc2)
+CVE-2021-46980 [usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1f4642b72be79757f050924a9b9673b6a02034bc (5.13-rc2)
+CVE-2021-46979 [iio: core: fix ioctl handlers removal]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a (5.13-rc2)
+CVE-2021-46978 [KVM: nVMX: Always make an attempt to map eVMCS after migration]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f5c7e8425f18fdb9bdb7d13340651d7876890329 (5.13-rc2)
+CVE-2021-46977 [KVM: VMX: Disable preemption when probing user return MSRs]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5104d7ffcf24749939bea7fdb5378d186473f890 (5.13-rc2)
+CVE-2021-46976 [drm/i915: Fix crash in auto_retire]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/402be8a101190969fc7ff122d07e262df86e132b (5.13-rc2)
+CVE-2020-36787 [media: aspeed: fix clock handling logic]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3536169f8531c2c5b153921dc7d1ac9fd570cda7 (5.13-rc1)
+CVE-2020-36786 [media: [next] staging: media: atomisp: fix memory leak of object flash]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6045b01dd0e3cd3759eafe7f290ed04c957500b1 (5.13-rc1)
+CVE-2020-36785 [media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ba11bbf303fafb33989e95473e409f6ab412b18d (5.13-rc1)
+CVE-2020-36784 [i2c: cadence: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6 (5.13-rc1)
+CVE-2020-36783 [i2c: img-scb: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/223125e37af8a641ea4a09747a6a52172fc4b903 (5.13-rc1)
+CVE-2020-36782 [i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/278e5bbdb9a94fa063c0f9bcde2479d0b8042462 (5.13-rc1)
+CVE-2020-36781 [i2c: imx: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/47ff617217ca6a13194fcb35c6c3a0c57c080693 (5.13-rc1)
+CVE-2020-36780 [i2c: sprd: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ NOTE: https://git.kernel.org/linus/3a4f326463117cee3adcb72999ca34a9aaafda93 (5.13-rc1)
+CVE-2020-36779 [i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2c662660ce2bd3b09dae21a9a9ac9395e1e6c00b (5.13-rc1)
+CVE-2020-36778 [i2c: xiic: fix reference leak when pm_runtime_get_sync fails]
+ - linux 5.10.38-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a85c5c7a3aa8041777ff691400b4046e56149fd3 (5.13-rc1)
CVE-2023-51786
- lustre <removed>
NOTE: http://lists.lustre.org/pipermail/lustre-announce-lustre.org/2024/000270.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ff8e90b861ad262aca089501e4bac4f812e933b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ff8e90b861ad262aca089501e4bac4f812e933b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240228/a0b6ba53/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list