CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 1CVE-2021-4002 – kernel: possible leak or coruption of data residing on hugetlbfs
https://notcve.org/view.php?id=CVE-2021-4002
06 Jan 2022 — A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. Se encontró un fallo de pérdida de memoria en el uso de memoria hugetlbfs del kernel de Linux en la forma en que el usuario mapea algunas regiones de memoria dos veces usando shmget() que están alineadas a la alineac... • https://bugzilla.redhat.com/show_bug.cgi?id=2025726 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-459: Incomplete Cleanup •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28715
https://notcve.org/view.php?id=CVE-2021-28715
06 Jan 2022 — Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop cons... • https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28714
https://notcve.org/view.php?id=CVE-2021-28714
06 Jan 2022 — Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop cons... • https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 44EXPL: 1CVE-2021-45485 – kernel: information leak in the IPv6 implementation
https://notcve.org/view.php?id=CVE-2021-45485
25 Dec 2021 — In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. En la implementación de IPv6 en el kernel de Linux versiones anteriores a 5.13.3, el archivo net/ipv6/output_core.c presenta un filtrado de información debido a determinado uso de una tabla hash que, aunque es grande, no considera aprop... • https://github.com/Satheesh575555/linux-4.19.72_CVE-2021-45485 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45486 – kernel: information leak in the IPv4 implementation
https://notcve.org/view.php?id=CVE-2021-45486
25 Dec 2021 — In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. En la implementación de IPv4 en el kernel de Linux versiones anteriores a 5.12.4, el archivo net/ipv4/route.c presenta un filtrado de información porque la tabla hash es muy pequeña An information leak flaw was found in the Linux kernel’s IPv4 implementation in the ip_rt_init in net/ipv4/route.c function. The use of a small hash table in IP ID generation allows a remot... • https://arxiv.org/pdf/2112.09604.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45480
https://notcve.org/view.php?id=CVE-2021-45480
24 Dec 2021 — An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.15.11. Se presenta una pérdida de memoria en la función __rds_conn_create() en el archivo net/rds/connection.c en una determinada combinación de circunstancias • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.11 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 2CVE-2021-45469
https://notcve.org/view.php?id=CVE-2021-45469
23 Dec 2021 — In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. En la función __f2fs_setxattr en el archivo fs/f2fs/xattr.c en el kernel de Linux versiones hasta 5.15.11, se presenta un acceso a memoria fuera de límites cuando un inodo presenta una última entrada xattr no válida • http://www.openwall.com/lists/oss-security/2021/12/25/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 22EXPL: 2CVE-2021-44733 – kernel: use-after-free in the TEE subsystem
https://notcve.org/view.php?id=CVE-2021-44733
22 Dec 2021 — A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. Se presenta un uso de memoria previamente liberada en el archivo drivers/tee/tee_shm.c en el subsistema TEE en el kernel de Linux versiones hasta 5.15.11. Esto ocurre debido a una condición de carrera en tee_shm_get_from_id durante un intento de liberar un objeto de memoria compartida A use-... • https://github.com/pjlantz/optee-qemu • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-20321 – kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()
https://notcve.org/view.php?id=CVE-2021-20321
21 Dec 2021 — A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system. Se encontró una condición de carrera al acceder a un objeto de archivo en el subsistema OverlayFS del kernel de Linux en la forma en que usuarios hacen el cambio de nombre de manera específica con OverlayFS. Un usuario local podría usar este fallo para bloquear el sistema • https://bugzilla.redhat.com/show_bug.cgi?id=2013242 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-45100
https://notcve.org/view.php?id=CVE-2021-45100
16 Dec 2021 — The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs because it sets the SMB2_GLOBAL_CAP_ENCRYPTION flag when using the SMB 3.1.1 protocol, which is a violation of the SMB protocol specification. When Windows 10 detects this protocol violation, it disables encryption. El servidor ksmbd versiones hasta 3.4.2, usado en el kernel de Linux hasta la versión 5.15.8, a veces se comunica en texto sin cifr... • https://github.com/cifsd-team/ksmbd/issues/550 • CWE-319: Cleartext Transmission of Sensitive Information •