USN-4982-1

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670)

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672)

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673)

It was discovered that the Xen paravirtualization backend in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-28688)

It was discovered that the fuse user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2021-28950)

Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964)

Vince Weaver discovered that the perf subsystem in the Linux kernel did not properly handle certain PEBS records properly for some Intel Haswell processors. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-28971)

It was discovered that the RPA PCI Hotplug driver implementation in the Linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code....