Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
There are 1,789 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2021-20292

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

Published: May 28, 2021; 7:15:08 AM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-20239

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

Published: May 28, 2021; 7:15:08 AM -0400
V3.1: 3.3 LOW
V2.0: 2.1 LOW
CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

Published: May 27, 2021; 3:15:07 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-33200

kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.

Published: May 27, 2021; 9:15:08 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-20177

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.

Published: May 26, 2021; 5:15:08 PM -0400
V3.1: 4.4 MEDIUM
V2.0: 2.1 LOW
CVE-2020-25673

A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

Published: May 26, 2021; 7:15:08 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

Published: May 26, 2021; 7:15:08 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-25670

A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

Published: May 26, 2021; 7:15:08 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-3483

A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected

Published: May 17, 2021; 8:15:07 AM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-33034

In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

Published: May 14, 2021; 7:15:09 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-33033

The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.

Published: May 14, 2021; 7:15:09 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2019-25044

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.

Published: May 14, 2021; 7:15:07 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-27830

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

Published: May 13, 2021; 11:15:07 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-23134

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

Published: May 12, 2021; 7:15:07 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-32399

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

Published: May 10, 2021; 6:15:06 PM -0400
V3.1: 7.0 HIGH
V2.0: 4.4 MEDIUM
CVE-2021-31916

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.

Published: May 06, 2021; 1:15:08 PM -0400
V3.1: 6.7 MEDIUM
V2.0: 6.1 MEDIUM
CVE-2021-31829

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.

Published: May 06, 2021; 12:15:07 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-3501

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.

Published: May 06, 2021; 9:15:12 AM -0400
V3.1: 7.1 HIGH
V2.0: 3.6 LOW
CVE-2021-23133

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.

Published: April 22, 2021; 2:15:08 PM -0400
V3.1: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2021-29155

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.

Published: April 20, 2021; 12:15:10 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW