CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3428 – kernel: integer overflow in ext4_es_cache_extent
https://notcve.org/view.php?id=CVE-2021-3428
03 Jun 2021 — A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat. Se ha encontrado un fallo en el kernel de Linux. Es identificado un problema de denegación de servicio si es corrompido un árbol de extensiones en un sistema de archivos e... • https://bugzilla.redhat.com/show_bug.cgi?id=1972621 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10774 – kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features
https://notcve.org/view.php?id=CVE-2020-10774
27 May 2021 — A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality. Se encontró un fallo de divulgación de memoria en el kernel de Linux versiones anteriores a 4.18.0-193.el8 en el subsistema sysctl al leer el archivo /proc/sys/kernel/rh_features. Este fallo per... • https://bugzilla.redhat.com/show_bug.cgi?id=1846964 • CWE-805: Buffer Access with Incorrect Length Value CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 2CVE-2020-25673
https://notcve.org/view.php?id=CVE-2020-25673
26 May 2021 — A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. Se encontró una vulnerabilidad en el kernel de Linux en la que el socket non-blocking en la función llcp_sock_connect() conduce a un filtrado de información y eventualmente bloquea el sistema • http://www.openwall.com/lists/oss-security/2020/11/01/1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0CVE-2020-26558 – bluez: Passkey Entry protocol of the Bluetooth Core is vulnerable to an impersonation attack
https://notcve.org/view.php?id=CVE-2020-26558
24 May 2021 — Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value o... • https://kb.cert.org/vuls/id/799380 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-33033 – kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c
https://notcve.org/view.php?id=CVE-2021-33033
14 May 2021 — The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. El kernel de Linux versiones anteriores a 5.11.14, presenta un uso de la memoria previamente liberada en una función cipso_v4_genopt en el archivo net/ipv4/cipso_ipv4.c, porque el recuento de CIPSO y CALIPSO para las definiciones DOI es manejado inapropiadamente, tambié... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.14 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 3CVE-2021-33034 – kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
https://notcve.org/view.php?id=CVE-2021-33034
14 May 2021 — In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. En el kernel de Linux versiones anteriores a 5.12.4, el archivo net/bluetooth/hci_event.c, presenta un uso de la memoria previamente liberada cuando se destruye un hci_chan, también se conoce como CID-5c4c8c954409. Esto conlleva a escribir un valor arbitrario A use-after-free flaw was found in hci_send_acl in the bluetooth host co... • https://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2021-33034 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-23134 – Linux kernel llcp_sock_bind/connect use-after-free
https://notcve.org/view.php?id=CVE-2021-23134
12 May 2021 — Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. Una vulnerabilidad de uso de la memoria previamente liberada en nfc sockets en el Kernel de Linux versiones anteriores a 5.12.4 permite a atacantes locales escalar sus privilegios. En configuraciones típicas, el problema solo puede ser desencadenado por un usuari... • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2021-3483
https://notcve.org/view.php?id=CVE-2021-3483
12 May 2021 — A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected Se encontró una fallo en el controlador Nosy en el kernel de Linux. Este problema permite a un dispositivo ser insertado dos veces en una lista doblemente ... • http://www.openwall.com/lists/oss-security/2021/04/07/1 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 19EXPL: 2CVE-2021-32399 – kernel: race condition for removal of the HCI controller
https://notcve.org/view.php?id=CVE-2021-32399
10 May 2021 — net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. El archivo net/bluetooth/hci_request.c en el kernel de Linux versiones hasta 5.12.2, presenta una condición de carrera para la eliminación del controlador HCI A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation.... • https://github.com/nanopathi/linux-4.19.72_CVE-2021-32399 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31916 – kernel: out of bounds array access in drivers/md/dm-ioctl.c
https://notcve.org/view.php?id=CVE-2021-31916
06 May 2021 — An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. Se encontró un fallo de escritura de la memoria fuera de límites (OOB) en la función list_d... • https://bugzilla.redhat.com/show_bug.cgi?id=1946965 • CWE-787: Out-of-bounds Write •