CVSS: 4.7EPSS: 0%CPEs: 13EXPL: 0CVE-2020-27820 – kernel: use-after-free in nouveau kernel module
https://notcve.org/view.php?id=CVE-2020-27820
02 Nov 2021 — A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver). Se ha encontrado una vulnerabilidad en el kernel de Linux, en la que un uso de memoria previamente liberada en el manejador postclose() de nouveau podría ocurrir si se quita el dispositivo (que no es común quitar la tarjeta de vídeo físicamente sin apagar, pero lo mi... • https://bugzilla.redhat.com/show_bug.cgi?id=1901726 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 18EXPL: 3CVE-2021-43267 – kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type
https://notcve.org/view.php?id=CVE-2021-43267
02 Nov 2021 — An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. Se ha detectado un problema en el archivo net/tipc/crypto.c en el kernel de Linux versiones anteriores a 5.14.16. La funcionalidad Transparent Inter-Process Communication (TIPC) permite a atacantes remotos explotar una comprobación insuficiente de los... • https://github.com/zzhacked/CVE-2021-43267 • CWE-20: Improper Input Validation CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 1CVE-2021-42327
https://notcve.org/view.php?id=CVE-2021-42327
21 Oct 2021 — dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer. la función dp_link_settings_write en el archivo drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c en... • https://github.com/docfate111/CVE-2021-42327 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2021-42739 – kernel: Heap buffer overflow in firedtv driver
https://notcve.org/view.php?id=CVE-2021-42739
20 Oct 2021 — The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. Se ha encontrado un fallo de desbordamiento de búfer basado en la pila en el controlador de la tarjeta multimedia FireDTV del kernel de Linux, donde el usuario llama al ioctl CA_SEND_MSG. Este fallo permite a un usuario local de la máquina anfitriona bloquear el sistema o escalar privilegios en... • https://bugzilla.redhat.com/show_bug.cgi?id=1951739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-34866 – Linux Kernel eBPF Type Confusion Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34866
13 Oct 2021 — This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privilege... • https://security.netapp.com/advisory/ntap-20220217-0008 • CWE-697: Incorrect Comparison CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2021-42252
https://notcve.org/view.php?id=CVE-2021-42252
11 Oct 2021 — An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. Se ha detectado un problema en la función aspeed_lpc_ctrl_mmap en el archivo drivers/soc/aspeed/aspeed-lpc-ctrl.c en el kernel de Linux versiones ante... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.6 •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 3CVE-2021-42008
https://notcve.org/view.php?id=CVE-2021-42008
04 Oct 2021 — The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. La función decode_data en el archivo drivers/net/hamradio/6pack.c en el kernel de Linux versiones anteriores a 5.13.13, presenta una escritura fuera de límites. La entrada desde un proceso que tiene la capacidad CAP_NET_ADMIN puede conllevar a un acceso de root • https://github.com/0xdevil/CVE-2021-42008 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2021-41864 – kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write
https://notcve.org/view.php?id=CVE-2021-41864
01 Oct 2021 — prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. prealloc_elems_and_freelist en kernel/bpf/stackmap.c en el kernel de Linux antes de la versión 5.14.12 permite a usuarios sin privilegios desencadenar un desbordamiento de enteros en la multiplicación de eBPF con una escritura fuera de los límites resultante. An out-of-bounds (OOB) memory write flaw was foun... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 1CVE-2021-3739
https://notcve.org/view.php?id=CVE-2021-3739
28 Sep 2021 — A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia de puntero NULL en la función btrfs_rm_device en el archivo fs/btrfs/volumes.c en el Kernel de Linux, donde el desencadenamiento del bug req... • https://bugzilla.redhat.com/show_bug.cgi?id=1997958 • CWE-476: NULL Pointer Dereference •
CVSS: 4.7EPSS: 0%CPEs: 19EXPL: 1CVE-2021-3753 – kernel: a race out-of-bound read in vt
https://notcve.org/view.php?id=CVE-2021-3753
28 Sep 2021 — A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. Se observó un problema de carrera en el la función vt_k_ioctl en el archivo drivers/tty/vt/vt_ioctl.c en el kernel de Linux, que puede causar una lectura fuera de límites en vt ya que el acceso de escritura a vc_mode no está ... • https://bugzilla.redhat.com/show_bug.cgi?id=1999589 • CWE-125: Out-of-bounds Read CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •