[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Fri Mar 1 21:47:40 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6170a53b by Salvatore Bonaccorso at 2024-03-01T22:46:55+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2021-47081 [habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/115726c5d312b462c9d9931ea42becdfa838a076 (5.13-rc3)
+CVE-2021-47080 [RDMA/core: Prevent divide-by-zero error triggered by the user]
+	- linux 5.10.40-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/54d87913f147a983589923c7f651f97de9af5be1 (5.13-rc3)
+CVE-2021-47079 [platform/x86: ideapad-laptop: fix a NULL pointer dereference]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ff67dbd554b2aaa22be933eced32610ff90209dd (5.13-rc3)
+CVE-2021-47078 [RDMA/rxe: Clear all QP fields if creation failed]
+	- linux 5.10.40-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/67f29896fdc83298eed5a6576ff8f9873f709228 (5.13-rc3)
+CVE-2021-47077 [scsi: qedf: Add pointer checks in qedf_update_link_speed()]
+	- linux 5.10.40-1
+	NOTE: https://git.kernel.org/linus/73578af92a0fae6609b955fcc9113e50e413c80f (5.13-rc3)
+CVE-2021-47076 [RDMA/rxe: Return CQE error if invalid lkey was supplied]
+	- linux 5.14.6-1
+	NOTE: https://git.kernel.org/linus/dc07628bd2bbc1da768e265192c28ebd301f509d (5.13-rc3)
+CVE-2021-47075 [nvmet: fix memory leak in nvmet_alloc_ctrl()]
+	- linux 5.10.40-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fec356a61aa3d3a66416b4321f1279e09e0f256f (5.13-rc3)
+CVE-2021-47074 [nvme-loop: fix memory leak in nvme_loop_create_ctrl()]
+	- linux 5.10.40-1
+	NOTE: https://git.kernel.org/linus/03504e3b54cc8118cc26c064e60a0b00c2308708 (5.13-rc3)
+CVE-2021-47073 [platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios]
+	- linux 5.10.40-1
+	[buster] - linux 4.19.194-1
+	NOTE: https://git.kernel.org/linus/3a53587423d25c87af4b4126a806a0575104b45e (5.13-rc3)
+CVE-2021-47072 [btrfs: fix removed dentries still existing after log is synced]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/54a40fc3a1da21b52dbf19f72fdc27a2ec740760 (5.13-rc3)
+CVE-2021-47071 [uio_hv_generic: Fix a memory leak in error handling paths]
+	- linux 5.10.40-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3ee098f96b8b6c1a98f7f97915f8873164e6af9d (5.13-rc3)
+CVE-2021-47070 [uio_hv_generic: Fix another memory leak in error handling paths]
+	- linux 5.14.6-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0b0226be3a52dadd965644bc52a807961c2c26df (5.13-rc3)
+CVE-2021-47069 [ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry]
+	- linux 5.10.40-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a11ddb37bf367e6b5239b95ca759e5389bb46048 (5.13-rc3)
 CVE-2024-2078 (A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ ...)
 	NOT-FOR-US: HelpDeskZ
 CVE-2024-2077 (A vulnerability classified as critical has been found in SourceCodeste ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6170a53b90ba3d1dccf0556a7f394b948e6262bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6170a53b90ba3d1dccf0556a7f394b948e6262bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240301/025b7108/attachment.htm>
