[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 24 16:35:01 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c8b2075c by Salvatore Bonaccorso at 2024-05-24T17:33:15+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,358 @@
+CVE-2021-47572 [net: nexthop: fix null pointer dereference when IPv6 is not enabled]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1c743127cc54b112b155f434756bd4b5fa565a99 (5.16-rc3)
+CVE-2021-47571 [staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/b535917c51acc97fb0761b1edec85f1f3d02bda4 (5.16-rc3)
+CVE-2021-47570 [staging: r8188eu: fix a memory leak in rtw_wx_read32()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/be4ea8f383551b9dae11b8dfff1f38b3b5436e9a (5.16-rc3)
+CVE-2021-47569 [io_uring: fail cancellation for EXITING tasks]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/617a89484debcd4e7999796d693cf0b77d2519de (5.16-rc3)
+CVE-2021-47568 [ksmbd: fix memleak in get_file_stream_info()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/178ca6f85aa3231094467691f5ea1ff2f398aa8d (5.16-rc3)
+CVE-2021-47567 [powerpc/32: Fix hardlockup on vmap stack overflow]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5bb60ea611db1e04814426ed4bd1c95d1487678e (5.16-rc3)
+CVE-2021-47566 [proc/vmcore: fix clearing user buffer by properly using clear_user()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/c1e63117711977cc4295b2ce73de29dd17066c82 (5.16-rc2)
+CVE-2021-47565 [scsi: mpt3sas: Fix kernel panic during drive powercycle test]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/0ee4ba13e09c9d9c1cb6abb59da8295d9952328b (5.16-rc3)
+CVE-2021-47564 [net: marvell: prestera: fix double free issue on err path]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e8d032507cb7912baf1d3e0af54516f823befefd (5.16-rc3)
+CVE-2021-47563 [ice: avoid bpf_prog refcount underflow]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f65ee535df775a13a1046c0a0b2d72db342f8a5b (5.16-rc3)
+CVE-2021-47562 [ice: fix vsi->txq_map sizing]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/792b2086584f25d84081a526beee80d103c2a913 (5.16-rc3)
+CVE-2021-47561 [i2c: virtio: disable timeout handling]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/84e1d0bf1d7121759622dabf8fbef4c99ad597c5 (5.16-rc3)
+CVE-2021-47560 [mlxsw: spectrum: Protect driver from buggy firmware]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/63b08b1f6834bbb0b4f7783bf63b80c8c8e9a047 (5.16-rc3)
+CVE-2021-47559 [net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	NOTE: https://git.kernel.org/linus/587acad41f1bc48e16f42bb2aca63bf323380be8 (5.16-rc3)
+CVE-2021-47558 [net: stmmac: Disable Tx queues when reconfiguring the interface]
+	- linux 5.15.15-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b270bfe697367776eca2e6759a71d700fb8d82a2 (5.16-rc3)
+CVE-2021-47557 [net/sched: sch_ets: don't peek at classes beyond 'nbands']
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/de6d25924c2a8c2988c6a385990cafbe742061bf (5.16-rc3)
+CVE-2021-47556 [ethtool: ioctl: fix potential NULL deref in ethtool_set_coalesce()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0276af2176c78771da7f311621a25d7608045827 (5.16-rc3)
+CVE-2021-47555 [net: vlan: fix underflow for the real_dev refcnt]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/01d9cc2dea3fde3bad6d27f464eff463496e2b00 (5.16-rc3)
+CVE-2021-47554 [vdpa_sim: avoid putting an uninitialized iova_domain]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/bb93ce4b150dde79f58e34103cbd1fe829796649 (5.16-rc3)
+CVE-2021-47553 [sched/scs: Reset task stack state in bringup_cpu()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dce1ca0525bfdc8a69a9343bc714fbc19a2f04b3 (5.16-rc3)
+CVE-2021-47552 [blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release()]
+	- linux 5.15.15-1
+	NOTE: https://git.kernel.org/linus/2a19b28f7929866e1cec92a3619f4de9f2d20005 (5.16-rc2)
+CVE-2021-47551 [drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	NOTE: https://git.kernel.org/linus/2cf49e00d40d5132e3d067b5aa6d84791929ab15 (5.16-rc2)
+CVE-2021-47550 [drm/amd/amdgpu: fix potential memleak]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	NOTE: https://git.kernel.org/linus/27dfaedc0d321b4ea4e10c53e4679d6911ab17aa (5.16-rc2)
+CVE-2021-47549 [sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/6c8ad7e8cf29eb55836e7a0215f967746ab2b504 (5.16-rc4)
+CVE-2021-47548 [ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/a66998e0fbf213d47d02813b9679426129d0d114 (5.16-rc2)
+CVE-2021-47547 [net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/61217be886b5f7402843677e4be7e7e83de9cb41 (5.16-rc2)
+CVE-2021-47546 [ipv6: fix memory leak in fib6_rule_suppress]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cdef485217d30382f3bf6448c54b4401648fe3f1 (5.16-rc4)
+CVE-2021-47545 [perf hist: Fix memory leak of a perf_hpp_fmt]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/0ca1f534a776cc7d42f2c33da4732b74ec2790cd (5.16-rc2)
+CVE-2021-47544 [tcp: fix page frag corruption on page fault]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	NOTE: https://git.kernel.org/linus/dacb5d8875cc6cd3a553363b4d6f06760fcbe70c (5.16-rc4)
+CVE-2021-47543 [perf report: Fix memory leaks around perf_tip()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	NOTE: https://git.kernel.org/linus/d9fc706108c15f8bc2d4ccccf8e50f74830fabd9 (5.16-rc2)
+CVE-2021-47542 [net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572 (5.16-rc4)
+CVE-2021-47541 [net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/addad7643142f500080417dd7272f49b7a185570 (5.16-rc4)
+CVE-2021-47540 [mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6e53d6d26920d5221d3f4d4f5ffdd629ea69aa5c (5.16-rc4)
+CVE-2021-47539 [rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ca77fba821351190777b236ce749d7c4d353102e (5.16-rc4)
+CVE-2021-47538 [rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/beacff50edbd6c9659a6f15fc7f6126909fade29 (5.16-rc4)
+CVE-2021-47537 [octeontx2-af: Fix a memleak bug in rvu_mbox_init()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e07a097b4986afb8f925d0bb32612e1d3e88ce15 (5.16-rc4)
+CVE-2021-47536 [net/smc: fix wrong list_del in smc_lgr_cleanup_early]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/789b6cc2a5f9123b9c549b886fdc47c865cfe0ba (5.16-rc4)
+CVE-2021-47535 [drm/msm/a6xx: Allocate enough space for GMU registers]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b4d25abf9720b69a03465b09d0d62d1998ed6708 (5.16-rc4)
+CVE-2021-47534 [drm/vc4: kms: Add missing drm_crtc_commit_put]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/049cfff8d53a30cae3349ff71a4c01b7d9981bc2 (5.16-rc4)
+CVE-2021-47533 [drm/vc4: kms: Clear the HVS FIFO commit pointer once done]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d134c5ff71c7f2320fc7997f2fbbdedf0c76889a (5.16-rc4)
+CVE-2021-47532 [drm/msm/devfreq: Fix OPP refcnt leak]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/59ba1b2b4825342676300f66d785764be3fcb093 (5.16-rc4)
+CVE-2021-47531 [drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3466d9e217b337bf473ee629c608e53f9f3ab786 (5.16-rc4)
+CVE-2021-47530 [drm/msm: Fix wait_fence submitqueue leak]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea0006d390a28012f8187717aea61498b2b341e5 (5.16-rc4)
+CVE-2021-47529 [iwlwifi: Fix memory leaks in error handling path]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a571bc28326d9f3e13f5f2d9cda2883e0631b0ce (5.16-rc4)
+CVE-2021-47528 [usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/37307f7020ab38dde0892a578249bf63d00bca64 (5.16-rc4)
+CVE-2021-47527 [serial: core: fix transmit-buffer reset and memleak]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.84-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/00de977f9e0aa9760d9a79d1e41ff780f74e3424 (5.16-rc4)
+CVE-2021-47526 [serial: liteuart: Fix NULL pointer dereference in ->remove()]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0f55f89d98c8b3e12b4f55f71c127a173e29557c (5.16-rc4)
+CVE-2021-47525 [serial: liteuart: fix use-after-free and memleak on unbind]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/05f929b395dec8957b636ff14e66b277ed022ed9 (5.16-rc4)
+CVE-2021-47524 [serial: liteuart: fix minor-number leak on probe errors]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dd5e90b16cca8a697cbe17b72e2a5f49291cabb2 (5.16-rc4)
+CVE-2021-47523 [IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	NOTE: https://git.kernel.org/linus/60a8b5a1611b4a26de4839ab9c1fc2a9cf3e17c1 (5.16-rc5)
+CVE-2021-47522 [HID: bigbenff: prevent null pointer dereference]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	NOTE: https://git.kernel.org/linus/918aa1ef104d286d16b9e7ef139a463ac7a296f0 (5.16-rc5)
+CVE-2021-47521 [can: sja1000: fix use after free in ems_pcmcia_add_card()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45 (5.16-rc5)
+CVE-2021-47520 [can: pch_can: pch_can_rx_normal: fix use after free]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/94cddf1e9227a171b27292509d59691819c458db (5.16-rc5)
+CVE-2021-47519 [can: m_can: m_can_read_fifo: fix memory leak in error branch]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/31cb32a590d62b18f69a9a6d433f4e69c74fdd56 (5.16-rc5)
+CVE-2021-47518 [nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/4cd8371a234d051f9c9557fcbb1f8c523b1c0d10 (5.16-rc5)
+CVE-2021-47517 [ethtool: do not perform operations on net devices being unregistered]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dde91ccfa25fd58f64c397d91b81a4b393100ffa (5.16-rc5)
+CVE-2021-47516 [nfp: Fix memory leak in nfp_cpp_area_cache_add()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/c56c96303e9289cc34716b1179597b6f470833de (5.16-rc5)
+CVE-2021-47515 [seg6: fix the iif in the IPv6 socket control block]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/ae68d93354e5bf5191ee673982251864ea24dd5c (5.16-rc5)
+CVE-2021-47514 [devlink: fix netns refcount leak in devlink_nl_cmd_reload()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4dbb0dad8e63fcd0b5a117c2861d2abe7ff5f186 (5.16-rc5)
+CVE-2021-47513 [net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e8b1d7698038e76363859fb47ae0a262080646f5 (5.16-rc5)
+CVE-2021-47512 [net/sched: fq_pie: prevent dismantle issue]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/61c2402665f1e10c5742033fce18392e369931d7 (5.16-rc5)
+CVE-2021-47511 [ALSA: pcm: oss: Fix negative period/buffer sizes]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/9d2479c960875ca1239bcb899f386970c13d9cfe (5.16-rc5)
+CVE-2021-47510 [btrfs: fix re-dirty process of tree-log nodes]
+	- linux 5.15.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/84c25448929942edacba905cecc0474e91114e7a (5.16-rc5)
+CVE-2021-47509 [ALSA: pcm: oss: Limit the period size to 16MB]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/8839c8c0f77ab8fc0463f4ab8b37fca3f70677c2 (5.16-rc5)
+CVE-2021-47508 [btrfs: free exchange changeset on failures]
+	- linux 5.15.15-1
+	NOTE: https://git.kernel.org/linus/da5e817d9d75422eaaa05490d0b9a5e328fc1a51 (5.16-rc5)
+CVE-2021-47507 [nfsd: Fix nsfd startup race (again)]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b10252c7ae9c9d7c90552f88b544a44ee773af64 (5.16-rc5)
+CVE-2021-47506 [nfsd: fix use-after-free due to delegation race]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/548ec0805c399c65ed66c6641be467f717833ab5 (5.16-rc5)
+CVE-2021-47505 [aio: fix use-after-free due to missing POLLFREE handling]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/50252e4b5e989ce64555c7aef7516bdefc2fea72 (5.16-rc5)
+CVE-2021-47504 [io_uring: ensure task_work gets run as part of cancelations]
+	- linux 5.15.15-1
+	NOTE: https://git.kernel.org/linus/78a780602075d8b00c98070fa26e389b3b3efa72 (5.16-rc5)
+CVE-2021-47503 [scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/653926205741add87a6cf452e21950eebc6ac10b (5.16-rc5)
+CVE-2021-47502 [ASoC: codecs: wcd934x: handle channel mappping list correctly]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/23ba28616d3063bd4c4953598ed5e439ca891101 (5.16-rc5)
+CVE-2021-47501 [i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	NOTE: https://git.kernel.org/linus/23ec111bf3549aae37140330c31a16abfc172421 (5.16-rc5)
+CVE-2021-47500 [iio: mma8452: Fix trigger reference couting]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/cd0082235783f814241a1c9483fb89e405f4f892 (5.16-rc5)
+CVE-2021-47499 [iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove]
+	- linux 5.15.15-1
+	[bullseye] - linux 5.10.92-1
+	[buster] - linux 4.19.232-1
+	NOTE: https://git.kernel.org/linus/70c9774e180d151abaab358108e3510a8e615215 (5.16-rc5)
 CVE-2024-28793
 	NOT-FOR-US: Jenkins plugin
 CVE-2024-4189



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8b2075c11e64ad2ec674fb442d7438a99501f4a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8b2075c11e64ad2ec674fb442d7438a99501f4a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240524/2d5f63c5/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list