Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:linux:linux_kernel:5.10.114:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-30178 |
An issue was discovered in the Linux kernel through 5.11.11. synic_get in arch/x86/kvm/hyperv.c has a NULL pointer dereference for certain accesses to the SynIC Hyper-V context, aka CID-919f4ebc5987. Published: April 06, 2021; 8:15:13 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-30002 |
An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. Published: April 02, 2021; 1:15:12 AM -0400 |
V4.0:(not available) V3.1: 6.2 MEDIUM V2.0: 2.1 LOW |
CVE-2021-29650 |
An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf. Published: March 30, 2021; 5:15:14 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-29649 |
An issue was discovered in the Linux kernel before 5.11.11. The user mode driver (UMD) has a copy_process() memory leak, related to a lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/preload/bpf_preload_kern.c, aka CID-f60a85cad677. Published: March 30, 2021; 5:15:14 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-29648 |
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt (in map_create in kernel/bpf/syscall.c or check_btf_info in kernel/bpf/verifier.c), aka CID-350a5c4dd245. Published: March 30, 2021; 5:15:14 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-29647 |
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624. Published: March 30, 2021; 5:15:14 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-29646 |
An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. Published: March 30, 2021; 5:15:14 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-29265 |
An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70. Published: March 26, 2021; 6:15:13 PM -0400 |
V4.0:(not available) V3.1: 4.7 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2021-29264 |
An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6. Published: March 26, 2021; 6:15:13 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2020-35508 |
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. Published: March 26, 2021; 1:15:12 PM -0400 |
V4.0:(not available) V3.1: 4.5 MEDIUM V2.0: 4.4 MEDIUM |
CVE-2021-28971 |
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. Published: March 22, 2021; 1:15:15 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-28964 |
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. Published: March 22, 2021; 5:15:13 AM -0400 |
V4.0:(not available) V3.1: 4.7 MEDIUM V2.0: 1.9 LOW |
CVE-2020-27171 |
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d. Published: March 20, 2021; 6:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.0 MEDIUM V2.0: 3.6 LOW |
CVE-2020-27170 |
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. Published: March 20, 2021; 6:15:11 PM -0400 |
V4.0:(not available) V3.1: 4.7 MEDIUM V2.0: 1.9 LOW |
CVE-2021-28952 |
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) Published: March 20, 2021; 5:15:11 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-28951 |
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. Published: March 20, 2021; 4:15:13 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-28950 |
An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. Published: March 20, 2021; 4:15:13 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-27365 |
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. Published: March 07, 2021; 12:15:13 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-27364 |
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. Published: March 07, 2021; 12:15:13 AM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2021-27363 |
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. Published: March 06, 2021; 11:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 3.6 LOW |