Vulnerabilities

To inform, warn and help professionals with the latest security vulnerabilities in technology systems, we have made a database available to users interested in this information. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database), by virtue of a partnership agreement through which INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as to available patches or solutions provided by manufacturers and developers. Advanced searches are possible, with different criteria available to narrow down the results, such as vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2021-47533

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: kms: Clear the HVS FIFO commit pointer once done

Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done on a given HVS FIFO.

However, we never cleared that pointer once done. Since drm_crtc_commit_put can free the drm_crtc_commit structure directly if we were the last user, this means that it can lead to a use-after-free if we were to duplicate the state, and that stale pointer would even be copied to the new state.

Set the pointer to NULL once we're done with the wait so that we don't carry over a pointer to a free'd structure.
Severity CVSS v4.0: Pending analysis
Last modification:
18/09/2025

CVE-2021-47534

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: kms: Add missing drm_crtc_commit_put

Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC commit so that we can properly synchronize commits.

However, the refcounting was off and we thus ended up leaking the drm_crtc_commit structure every commit. Add a drm_crtc_commit_put to prevent the leakage.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2021-47525

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

serial: liteuart: fix use-after-free and memleak on unbind

Deregister the port when unbinding the driver to prevent it from being used after releasing the driver data and leaking memory allocated by serial core.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47526

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

serial: liteuart: Fix NULL pointer dereference in ->remove()

drvdata has to be set in _probe() - otherwise platform_get_drvdata() causes null pointer dereference BUG in _remove().
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47527

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

serial: core: fix transmit-buffer reset and memleak

Commit 761ed4a94582 ("tty: serial_core: convert uart_close to use tty_port_close") converted serial core to use tty_port_close() but failed to notice that the transmit buffer still needs to be freed on final close.

Not freeing the transmit buffer means that the buffer is no longer cleared on next open so that any ioctl() waiting for the buffer to drain might wait indefinitely (e.g. on termios changes) or that stale data can end up being transmitted in case tx is restarted.

Furthermore, the buffer of any port that has been opened would leak on driver unbind.

Note that the port lock is held when clearing the buffer pointer due to the ldisc race worked around by commit a5ba1d95e46e ("uart: fix race between uart_put_char() and uart_shutdown()").

Also note that the tty-port shutdown() callback is not called for console ports so it is not strictly necessary to free the buffer page after releasing the lock (cf. d72402145ace ("tty/serial: do not free trasnmit buffer page under port lock")).
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025

CVE-2021-47528

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()

In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could lead to a NULL pointer dereference on failure of cdnsp_ring_alloc().

Fix this bug by adding a check of pep->ring.

This bug was found by a static analyzer. The analysis employs differential checking to identify inconsistent security operations (e.g., checks or kfrees) between two code paths and confirms that the inconsistent operations are not recovered in the current function or the callers, so they constitute bugs.

Note that, as a bug found by static analysis, it can be a false positive or hard to trigger. Multiple researchers have cross-reviewed the bug.

Builds with CONFIG_USB_CDNSP_GADGET=y show no new warnings, and our static analyzer no longer warns about this code.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47529

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

iwlwifi: Fix memory leaks in error handling path

Should an error occur (invalid TLV len or memory allocation failure), the memory already allocated in 'reduce_power_data' should be freed before returning, otherwise it is leaking.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47520

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

can: pch_can: pch_can_rx_normal: fix use after free

After calling netif_receive_skb(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is dereferenced just after the call netif_receive_skb(skb).

Reordering the lines solves the issue.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47521

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

can: sja1000: fix use after free in ems_pcmcia_add_card()

If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead.

Also we should check if at least one channel was set up.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47522

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

HID: bigbenff: prevent null pointer dereference

When emulating the device through uhid, there is a chance we don't have output reports and so report_field is null.
Severity CVSS v4.0: Pending analysis
Last modification:
10/06/2024

CVE-2021-47523

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr

This buffer is currently allocated in hfi1_init():

    if (reinit)
        ret = init_after_reset(dd);
    else
        ret = loadtime_init(dd);
    if (ret)
        goto done;

    /* allocate dummy tail memory for all receive contexts */
    dd->rcvhdrtail_dummy_kvaddr = dma_alloc_coherent(&dd->pcidev->dev,
                                                     sizeof(u64),
                                                     &dd->rcvhdrtail_dummy_dma,
                                                     GFP_KERNEL);

    if (!dd->rcvhdrtail_dummy_kvaddr) {
        dd_dev_err(dd, "cannot allocate dummy tail memory\n");
        ret = -ENOMEM;
        goto done;
    }

The reinit triggered path will overwrite the old allocation and leak it.

Fix by moving the allocation to hfi1_alloc_devdata() and the deallocation to hfi1_free_devdata().
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025

CVE-2021-47524

Publication date:
24/05/2024
In the Linux kernel, the following vulnerability has been resolved:

serial: liteuart: fix minor-number leak on probe errors

Make sure to release the allocated minor number before returning on probe errors.
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025