CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3655
https://notcve.org/view.php?id=CVE-2021-3655
05 Aug 2021 — A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. Se ha detectado una vulnerabilidad en el kernel de Linux en versiones anteriores a v5.14-rc1.Una falta de comprobaciones de tamaño en los paquetes SCTP entrantes puede permitir al kernel leer la memoria no inicializada. • https://bugzilla.redhat.com/show_bug.cgi?id=1984024 • CWE-20: Improper Input Validation CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-3679 – kernel: DoS in rb_per_cpu_empty()
https://notcve.org/view.php?id=CVE-2021-3679
05 Aug 2021 — A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. Se encontró una falta de recursos de CPU en la funcionalidad tracing module del kernel de Linux en versiones anteriores a 5.14-rc3 en la manera en que el usuario usa el búfer de anillo de rastreo de una manera e... • https://github.com/aegistudio/RingBufferDetonator • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34556
https://notcve.org/view.php?id=CVE-2021-34556
02 Aug 2021 — In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. En el kernel de Linux versiones hasta 5.13.7, un programa BPF sin privilegios puede obtener información confidencial de la memoria del kernel por medio de un ataque de canal lateral Omisión de Almacenamiento Especulativo porque el meca... • http://www.openwall.com/lists/oss-security/2021/08/01/3 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-35477
https://notcve.org/view.php?id=CVE-2021-35477
02 Aug 2021 — In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. En el kernel de Linux versiones 5.13.7, un programa BPF sin privilegios puede obtener información confidencial de la memoria del kernel por medio de un ataque de canal lateral de Omisión de Almacenamiento Espe... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=2039f26f3aca5b0e419b98f65dd36481337b86ee • CWE-203: Observable Discrepancy •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 1CVE-2021-3573 – kernel: use-after-free in function hci_sock_bound_ioctl()
https://notcve.org/view.php?id=CVE-2021-3573
21 Jul 2021 — A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5. Se detec... • http://www.openwall.com/lists/oss-security/2023/07/02/1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2021-37159 – kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
https://notcve.org/view.php?id=CVE-2021-37159
21 Jul 2021 — hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. la función hso_free_net_device en el archivo drivers/net/usb/hso.c en el kernel de Linux versiones hasta 5.13.4 llama a unregister_netdev sin comprobar el estado NETREG_REGISTERED, conllevando a un uso de memoria previamente liberada y un double free A flaw use-after-free in the Linux kernel USB High Speed Mob... • https://bugzilla.suse.com/show_bug.cgi?id=1188601 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2021-3612 – kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
https://notcve.org/view.php?id=CVE-2021-3612
09 Jul 2021 — An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de escritura en memoria fuera de límites en el kernel de Linux joystick devices subsystem en versiones ant... • https://bugzilla.redhat.com/show_bug.cgi?id=1974079 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 26EXPL: 16CVE-2021-22555 – Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
https://notcve.org/view.php?id=CVE-2021-22555
07 Jul 2021 — A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space En el archivo net/netfilter/x_tables.c se ha detectado una escritura fuera de límites en la pila que afecta a Linux desde la versión 2.6.19-rc1. Esto permite a un atacante alcanzar privilegios o causar una denegación de servicio (por medio de corrupción de la memoria de la pila) mediante el espa... • https://www.exploit-db.com/exploits/50135 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 1CVE-2020-28097
https://notcve.org/view.php?id=CVE-2020-28097
24 Jun 2021 — The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. El subsistema vgacon en el kernel de Linux versiones anteriores a 5.8.10, maneja inapropiadamente el desplazamiento de software. Se presenta una lectura fuera de límites en la función vgacon_scrolldelta, también se conoce como CID-973c096f6a85 • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10 • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 2CVE-2021-33624
https://notcve.org/view.php?id=CVE-2021-33624
23 Jun 2021 — In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. En el archivo kernel/bpf/verifier.c en el kernel de Linux versiones anteriores a 5.12.13, una rama puede ser mal predicha (por ejemplo, debido a la confusión de tipos) y, en consecuencia, un programa BPF no privilegiado puede leer ubicaciones de memoria arbi... • https://github.com/benschlueter/CVE-2021-33624 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •