CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-23134 – Linux kernel llcp_sock_bind/connect use-after-free
https://notcve.org/view.php?id=CVE-2021-23134
12 May 2021 — Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. Una vulnerabilidad de uso de la memoria previamente liberada en nfc sockets en el Kernel de Linux versiones anteriores a 5.12.4 permite a atacantes locales escalar sus privilegios. En configuraciones típicas, el problema solo puede ser desencadenado por un usuari... • https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2021-3483
https://notcve.org/view.php?id=CVE-2021-3483
12 May 2021 — A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected Se encontró una fallo en el controlador Nosy en el kernel de Linux. Este problema permite a un dispositivo ser insertado dos veces en una lista doblemente ... • http://www.openwall.com/lists/oss-security/2021/04/07/1 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 3CVE-2020-25670
https://notcve.org/view.php?id=CVE-2020-25670
12 May 2021 — A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. Se encontró una vulnerabilidad en el kernel de Linux donde un filtrado de refcount en la función llcp_sock_bind() causa un uso de la memoria previamente liberada que podría conllevar a una escaladas de privilegios • http://www.openwall.com/lists/oss-security/2020/11/01/1 • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0CVE-2021-20292
https://notcve.org/view.php?id=CVE-2021-20292
12 May 2021 — There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Se presenta un fallo reportado en el kernel de Linux en versiones ante... • https://bugzilla.redhat.com/show_bug.cgi?id=1939686 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 19EXPL: 2CVE-2021-32399 – kernel: race condition for removal of the HCI controller
https://notcve.org/view.php?id=CVE-2021-32399
10 May 2021 — net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. El archivo net/bluetooth/hci_request.c en el kernel de Linux versiones hasta 5.12.2, presenta una condición de carrera para la eliminación del controlador HCI A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation.... • https://github.com/nanopathi/linux-4.19.72_CVE-2021-32399 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31916 – kernel: out of bounds array access in drivers/md/dm-ioctl.c
https://notcve.org/view.php?id=CVE-2021-31916
06 May 2021 — An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. Se encontró un fallo de escritura de la memoria fuera de límites (OOB) en la función list_d... • https://bugzilla.redhat.com/show_bug.cgi?id=1946965 • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-31829 – kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory
https://notcve.org/view.php?id=CVE-2021-31829
06 May 2021 — kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel. El archivo kernel/bpf/verifier.c en el kernel de Linux versiones hasta 5.12.1, lleva a cabo cargas especulativa... • http://www.openwall.com/lists/oss-security/2021/05/04/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2020-35519
https://notcve.org/view.php?id=CVE-2020-35519
06 May 2021 — An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo de acceso a la memoria fuera de los límites (OOB) en la función x25_bi... • https://bugzilla.redhat.com/show_bug.cgi?id=1908251 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2021-3501 – kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run
https://notcve.org/view.php?id=CVE-2021-3501
05 May 2021 — A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. Se encontró un fallo en el kernel de Linux en versiones anteriores a 5.12. El valor de internal.ndata, en la API de KVM, es asignado a un índice de matriz, que puede ser actualizado por un... • https://bugzilla.redhat.com/show_bug.cgi?id=1950136 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2021-29155 – kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
https://notcve.org/view.php?id=CVE-2021-29155
20 Apr 2021 — An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. Se detectó un problema en el kernel de Linux version... • https://github.com/benschlueter/CVE-2021-29155 • CWE-125: Out-of-bounds Read •