RSS   Podatności dla 'Linux kernel'   RSS

2021-10-05
 
CVE-2021-42008

CWE-787
 

 
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.

 
2021-10-02
 
CVE-2021-41864

CWE-190
 

 
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.

 
2021-09-27
 
CVE-2021-20317

CWE-665
 

 
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.

 
2021-09-03
 
CVE-2021-40490

CWE-362
 

 
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

 
2021-08-18
 
CVE-2021-21781

CWE-908
 

 

 
2021-08-08
 
CVE-2021-38198

NVD-CWE-noinfo
 

 
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.

 
 
CVE-2021-38199

NVD-CWE-noinfo
 

 
fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.

 
 
CVE-2021-38200

CWE-476
 

 
arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.

 
 
CVE-2021-38201

CWE-119
 

 
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.

 
 
CVE-2021-38202

CWE-125
 

 
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

 


Copyright 2021, cxsecurity.com

 

Back to Top