CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 2CVE-2021-3744 – kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
https://notcve.org/view.php?id=CVE-2021-3744
11 Nov 2021 — A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. Se ha encontrado un fallo de pérdida de memoria en el kernel de Linux en la función ccp_run_aes_gcm_cmd() en el archivo drivers/crypto/ccp/ccp-ops.c, que permite a atacantes causar una denegación de servicio (consumo de memoria). Esta vulnerabilidad es simi... • http://www.openwall.com/lists/oss-security/2021/09/14/1 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2021-3659 – kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
https://notcve.org/view.php?id=CVE-2021-3659
10 Nov 2021 — A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia de puntero NULL en el subsistema de red inalámbrica IEEE versión 802.15.4 del kernel de Linux en la forma en que el usuario cierra la conexión LR-WPAN. Este fallo permite a un usuario local... • https://access.redhat.com/security/cve/CVE-2021-3659 • CWE-252: Unchecked Return Value CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-43389 – kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
https://notcve.org/view.php?id=CVE-2021-43389
04 Nov 2021 — An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.14.15. Se presenta un fallo de índice de matriz fuera de límites en la función detach_capi_ctr en el archivo drivers/isdn/capi/kcapi.c An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network (ISDN) f... • http://www.openwall.com/lists/oss-security/2021/11/05/1 • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 19EXPL: 1CVE-2021-3753 – kernel: a race out-of-bound read in vt
https://notcve.org/view.php?id=CVE-2021-3753
28 Sep 2021 — A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. Se observó un problema de carrera en el la función vt_k_ioctl en el archivo drivers/tty/vt/vt_ioctl.c en el kernel de Linux, que puede causar una lectura fuera de límites en vt ya que el acceso de escritura a vc_mode no está ... • https://bugzilla.redhat.com/show_bug.cgi?id=1999589 • CWE-125: Out-of-bounds Read CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 1CVE-2021-3656 – kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
https://notcve.org/view.php?id=CVE-2021-3656
09 Sep 2021 — A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the en... • https://github.com/rami08448/CVE-2021-3656-Demo • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 1CVE-2021-3653 – kernel: SVM nested virtualization issue in KVM (AVIC support)
https://notcve.org/view.php?id=CVE-2021-3653
08 Sep 2021 — A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system... • http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html • CWE-862: Missing Authorization •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2021-3635 – kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
https://notcve.org/view.php?id=CVE-2021-3635
13 Aug 2021 — A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. Se ha detectado un fallo en la implementación del netfilter del kernel de Linux en versiones anteriores a 5.5-rc7. Un usuario con acceso de root (CAP_SYS_ADMIN) es capaz de hacer entrar en pánico al sistema cuando emite comandos netfilter netflow. A flaw was found in the Linux kernel netfilter implementation. • https://bugzilla.redhat.com/show_bug.cgi?id=1976946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-38160 – Ubuntu Security Notice USN-5091-2
https://notcve.org/view.php?id=CVE-2021-38160
07 Aug 2021 — In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior ** EN DISPUTA ** En el archivo drivers/char/virtio_console.c en el kernel de Linux versiones anteriores a 5.13.4, la co... • https://access.redhat.com/security/cve/cve-2021-38160 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3655 – Ubuntu Security Notice USN-5163-1
https://notcve.org/view.php?id=CVE-2021-3655
05 Aug 2021 — A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. Se ha detectado una vulnerabilidad en el kernel de Linux en versiones anteriores a v5.14-rc1.Una falta de comprobaciones de tamaño en los paquetes SCTP entrantes puede permitir al kernel leer la memoria no inicializada. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situati... • https://bugzilla.redhat.com/show_bug.cgi?id=1984024 • CWE-20: Improper Input Validation CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-3679 – kernel: DoS in rb_per_cpu_empty()
https://notcve.org/view.php?id=CVE-2021-3679
05 Aug 2021 — A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. Se encontró una falta de recursos de CPU en la funcionalidad tracing module del kernel de Linux en versiones anteriores a 5.14-rc3 en la manera en que el usuario usa el búfer de anillo de rastreo de una manera e... • https://github.com/aegistudio/RingBufferDetonator • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •