Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47111
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
x86/kvm: Teardown PV features on boot CPU as well
Various PV features work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to make sure hypervisor doesn't write to stale locations after we jump to the previously hibernated kernel.
For secondary CPUs the job is already done by kvm_cpu_down_prepare(), register syscore ops to do the same for boot CPU.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47112
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
btrfs: abort in rename_exchange if we fail to insert the second ref
Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a rename_exchange.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47113
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
ocfs2: fix data corruption by fallocate
When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at that time isize is not yet updated to match the new size, if writeback is kicked in, it will invoke ocfs2_writepage()->block_write_full_page() where the pages out of inode size will be dropped.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47114
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
ext4: fix memory leak in ext4_mb_init_backend on error path.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47116
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
ext4: fix bug_on in ext4_es_cache_extent as ext4_split_extent_at failed
We got follow bug_on when run fsstress with injecting IO fault: kernel BUG at fs/ext4/extents_status.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47124
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
sch_htb: fix refcount leak in htb_parent_to_leaf_offload
The commit ae81feb7338c fixes a NULL pointer dereference bug, but it is not correct.
The correct fix is to add a NULL pointer check to protect qdisc_refcount_inc inside htb_parent_to_leaf_offload.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47125
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.
C:46 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665f9 Code: ff ff c3 66 2e 0f 1f 84 --truncated--

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47126
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
ice: track AF_XDP ZC enabled queues in bitmap
Commit c7a219048e45 silently introduced a regression and broke the Tx side of AF_XDP in copy mode.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47127
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks
Commit 59438b46471a added an implementation of the locked_down LSM hook to SELinux, with the aim to restrict which domains are allowed to perform operations that would breach lockdown.
The check is then also in line with other security_locked_down() hooks in the system where the enforcement is performed at open/load time, for example, open_kcore() for /proc/kcore access or module_sig_check() for module signatures just to pick f --truncated--

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47128
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_ct: skip expectations for confirmed conntrack
nft_ct_expect_obj_eval() calls nf_ct_ext_add() for a confirmed conntrack entry.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47129
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
nvmet: fix freeing unallocated p2pmem
In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash is called).

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47131
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix sk_forward_memory corruption on retransmission
MPTCP sk_forward_memory handling is a bit special, as such field is protected by the msk socket spin lock, instead of the plain socket lock.

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47132
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
efi/fdt: fix panic when no valid fdt found
setup_arch() would invoke efi_init()->efi_get_fdt_params().

Remove unnecessary variable in mt7921_mcu_tx_rate_report

Published: 2024-03-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-47135
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
drm: Don't unref the same fb many times by mistake due to deadlock handling
If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then retry the whole thing from the top.

Published: 2024-03-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26615
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
fs/proc/task_mmu: move mmu notification mechanism inside mm lock
Move mmu notification mechanism inside mm lock to prevent race condition in other components which depend on it.

Published: 2024-03-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26617
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
arm64/sme: Always exit sme_alloc() early with existing storage
When sme_alloc() is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state.

Published: 2024-03-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26618
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
riscv: Fix module loading free order
Reverse order of kfree calls to resolve use-after-free error.

Published: 2024-03-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26619
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
s390/vfio-ap: always filter entire AP matrix
The vfio_ap_mdev_filter_matrix function is called whenever a new adapter or domain is assigned to the mdev.

Published: 2024-03-11
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26620
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix RELEASE_LOCKOWNER
The test on so_count in nfsd4_release_lockowner() is nonsense and harmful.

Published: 2024-03-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2024-26629
Primary Vendor - Product: linux - linux
Description: In the Linux kernel, the following vulnerability has been resolved:
mm: cachestat: fix folio read-after-free in cache walk
In cachestat, we access the folio from the page cache's xarray to compute its page offset, and check for its dirty and writeback flags.

This Cyber News was published on www.cisa.gov. Publication date: Mon, 18 Mar 2024 20:13:04 +0000