[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Feb 29 23:07:02 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cc6af110 by Salvatore Bonaccorso at 2024-03-01T00:06:46+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,59 @@
+CVE-2021-47068 [net/nfc: fix use-after-free llcp_sock_bind/connect]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6 (5.13-rc1)
+CVE-2021-47067 [soc/tegra: regulators: Fix locking up when voltage-spread is out of range]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ef85bb582c41524e9e68dfdbde48e519dac4ab3d (5.13-rc1)
+CVE-2021-47066 [async_xor: increase src_offs when dropping destination page]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ceaf2966ab082bbc4d26516f97b3ca8a676e2af8 (5.13-rc1)
+CVE-2021-47065 [rtw88: Fix array overrun in rtw_get_tx_power_params()]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2ff25985ea9ccc6c9af2c77b0b49045adcc62e0e (5.13-rc1)
+CVE-2021-47064 [mt76: fix potential DMA mapping leak]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b4403cee6400c5f679e9c4a82b91d61aa961eccf (5.13-rc1)
+CVE-2021-47063 [drm: bridge/panel: Cleanup connector on bridge detach]
+	- linux 5.10.38-1
+	NOTE: https://git.kernel.org/linus/4d906839d321c2efbf3fed4bc31ffd9ff55b75c0 (5.13-rc1)
+CVE-2021-47062 [KVM: SVM: Use online_vcpus, not created_vcpus, to iterate over vCPUs]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c36b16d29f3af5f32fc1b2a3401bf48f71cabee1 (5.13-rc1)
+CVE-2021-47061 [KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU]
+	- linux 5.10.38-1
+	NOTE: https://git.kernel.org/linus/2ee3757424be7c1cd1d0bbfa6db29a7edd82a250 (5.13-rc1)
+CVE-2021-47060 [KVM: Stop looking for coalesced MMIO zones if the bus is destroyed]
+	- linux 5.10.38-1
+	NOTE: https://git.kernel.org/linus/5d3c4c79384af06e3c8e25b7770b6247496b4417 (5.13-rc1)
+CVE-2021-47059 [crypto: sun8i-ss - fix result memory leak on error path]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1dbc6a1e25be8575d6c4114d1d2b841a796507f7 (5.13-rc1)
+CVE-2021-47058 [regmap: set debugfs_name to NULL after it is freed]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/e41a962f82e7afb5b1ee644f48ad0b3aee656268 (5.13-rc1)
+CVE-2021-47057 [crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map]
+	- linux 5.10.38-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/98b5ef3e97b16eaeeedb936f8bda3594ff84a70e (5.13-rc1)
+CVE-2021-47056 [crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/8609f5cfdc872fc3a462efa6a3eca5cb1e2f6446 (5.13-rc1)
+CVE-2021-47055 [mtd: require write permissions for locking and badblock ioctls]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/1e97743fd180981bef5f01402342bb54bf1c6366 (5.13-rc1)
+CVE-2021-47054 [bus: qcom: Put child node before return]
+	- linux 5.10.38-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/ac6ad7c2a862d682bb584a4bc904d89fa7721af8 (5.13-rc1)
 CVE-2021-47020 [soundwire: stream: fix memory leak in stream config error path]
 	- linux 5.10.38-1
 	[buster] - linux 4.19.194-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6af1107bed628b4ba7ca6c9d9078ac0dfe86f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6af1107bed628b4ba7ca6c9d9078ac0dfe86f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240229/851fdff7/attachment.htm>

More information about the debian-security-tracker-commits mailing list