[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 22 10:00:02 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ecfc3181 by Salvatore Bonaccorso at 2024-05-22T10:59:02+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,119 @@
+CVE-2021-47498 [dm rq: don't queue request to blk-mq during DM suspend]
+ - linux 5.14.16-1
+ NOTE: https://git.kernel.org/linus/b4459b11e84092658fa195a2587aff3b9637f0e7 (5.15-rc6)
+CVE-2021-47497 [nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells]
+ - linux 5.14.16-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/5d388fa01fa6eb310ac023a363a6cb216d9d8fe9 (5.15-rc6)
+CVE-2021-47496 [net/tls: Fix flipped sign in tls_err_abort() calls]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ NOTE: https://git.kernel.org/linus/da353fac65fede6b8b4cfe207f0d9408e3121105 (5.15)
+CVE-2021-47495 [usbnet: sanity check for maxpacket]
+ - linux 5.14.16-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/397430b50a363d8b7bdda00522123f82df6adc5e (5.15-rc7)
+CVE-2021-47494 [cfg80211: fix management registrations locking]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/09b1d5dc6ce1c9151777f6c4e128a59457704c97 (5.15)
+CVE-2021-47493 [ocfs2: fix race between searching chunks and release journal_head from buffer_head]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ NOTE: https://git.kernel.org/linus/6f1b228529ae49b0f85ab89bcdb6c365df401558 (5.15)
+CVE-2021-47492 [mm, thp: bail out early in collapse_file for writeback page]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/74c42e1baacf206338b1dd6b6199ac964512b5bb (5.15)
+CVE-2021-47491 [mm: khugepaged: skip huge page collapse for special files]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a4aeaa06d45e90f9b279f0b09de84bd00006e733 (5.15)
+CVE-2021-47490 [drm/ttm: fix memleak in ttm_transfered_destroy]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ NOTE: https://git.kernel.org/linus/0db55f9a1bafbe3dac750ea669de9134922389b5 (5.15)
+CVE-2021-47489 [drm/amdgpu: Fix even more out of bound writes from debugfs]
+ - linux 5.15.3-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3f4e54bd312d3dafb59daf2b97ffa08abebe60f5 (5.15)
+CVE-2021-47488 [cgroup: Fix memory leak caused by missing cgroup_bpf_offline]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/04f8ef5643bcd8bcde25dfdebef998aea480b2ba (5.15)
+CVE-2021-47487 [drm/amdgpu: fix out of bounds write]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ NOTE: https://git.kernel.org/linus/5afa7898ab7a0ec9c28556a91df714bf3c2f725e (5.15)
+CVE-2021-47486 [riscv, bpf: Fix potential NULL dereference]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/27de809a3d83a6199664479ebb19712533d6fd9b (5.15)
+CVE-2021-47485 [IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/d39bf40e55e666b5905fdbd46a0dced030ce87be (5.15)
+CVE-2021-47484 [octeontx2-af: Fix possible null pointer dereference.]
+ - linux 5.15.3-1
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c2d4c543f74c90f883e8ec62a31973ae8807d354 (5.15)
+CVE-2021-47483 [regmap: Fix possible double-free in regcache_rbtree_exit()]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/55e6d8037805b3400096d621091dfbf713f97e83 (5.15)
+CVE-2021-47482 [net: batman-adv: fix error handling]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/6f68cd634856f8ca93bafd623ba5357e0f648c68 (5.15)
+CVE-2021-47481 [RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR]
+ - linux 5.15.3-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ [buster] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5508546631a0f555d7088203dec2614e41b5106e (5.15)
+CVE-2021-47480 [scsi: core: Put LLD module refcnt after SCSI device is released]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/f2b85040acec9a928b4eb1b57a989324e8e38d3f (5.15-rc7)
+CVE-2021-47479 [staging: rtl8712: fix use-after-free in rtl8712_dl_fw]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ NOTE: https://git.kernel.org/linus/c052cc1a069c3e575619cf64ec427eb41176ca70 (5.16-rc1)
+CVE-2021-47478 [isofs: Fix out of bound access for corrupted isofs image]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/e96a1866b40570b5950cda8602c2819189c62a48 (5.16-rc1)
+CVE-2021-47477 [comedi: dt9812: fix DMA buffers on stack]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/536de747bc48262225889a533db6650731ab25d3 (5.16-rc1)
+CVE-2021-47476 [comedi: ni_usb6501: fix NULL-deref in command paths]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/907767da8f3a925b060c740e0b5c92ea7dbec440 (5.16-rc1)
+CVE-2021-47475 [comedi: vmk80xx: fix transfer-buffer overflows]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/a23461c47482fc232ffc9b819539d1f837adf2b1 (5.16-rc1)
+CVE-2021-47474 [comedi: vmk80xx: fix bulk-buffer overflow]
+ - linux 5.15.3-1
+ [bullseye] - linux 5.10.84-1
+ [buster] - linux 4.19.232-1
+ NOTE: https://git.kernel.org/linus/78cdfd62bd54af615fba9e3ca1ba35de39d3871d (5.16-rc1)
CVE-2024-5190
REJECTED
CVE-2024-5147 (The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecfc3181e7118075e59dddca19ecbf258545b612
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecfc3181e7118075e59dddca19ecbf258545b612
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240522/fb05ad13/attachment.htm>
More information about the debian-security-tracker-commits
mailing list