CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 1CVE-2021-38300
https://notcve.org/view.php?id=CVE-2021-38300
20 Sep 2021 — arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture. arch/mips/net/bpf_jit.c en el kernel de Linux anterior a la versión 5.4.10 puede generar código máquina no deseado al transformar programas cBPF sin privilegios, permitiendo la ejecución de código arbitrario den... • http://www.openwall.com/lists/oss-security/2021/09/15/5 •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 1CVE-2021-41073
https://notcve.org/view.php?id=CVE-2021-41073
19 Sep 2021 — loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 1CVE-2021-3656 – kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
https://notcve.org/view.php?id=CVE-2021-3656
09 Sep 2021 — A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the en... • https://github.com/rami08448/CVE-2021-3656-Demo • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 1CVE-2021-3653 – kernel: SVM nested virtualization issue in KVM (AVIC support)
https://notcve.org/view.php?id=CVE-2021-3653
08 Sep 2021 — A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system... • http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-3715 – kernel: use-after-free in route4_change() in net/sched/cls_route.c
https://notcve.org/view.php?id=CVE-2021-3715
08 Sep 2021 — A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo en el clasificador "Routing decision" del subsistema de red Traffic Control del k... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 31EXPL: 0CVE-2021-40490
https://notcve.org/view.php?id=CVE-2021-40490
03 Sep 2021 — A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. Se ha detectado una condición de carrera en la función ext4_write_inline_data_end en el archivo fs/ext4/inline.c en el subsistema ext4 en el kernel de Linux versiones hasta 5.13.13 • https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=9e445093e523f3277081314c864f708fd4bd34aa • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.0EPSS: 0%CPEs: 5EXPL: 1CVE-2021-21781 – kernel: arm: SIGPAGE information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2021-21781
18 Aug 2021 — An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process’s memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 Se presenta una vulnerabilidad de divulgación de información en la fun... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1243 • CWE-908: Use of Uninitialized Resource •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2021-3635 – kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
https://notcve.org/view.php?id=CVE-2021-3635
13 Aug 2021 — A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. Se ha detectado un fallo en la implementación del netfilter del kernel de Linux en versiones anteriores a 5.5-rc7. Un usuario con acceso de root (CAP_SYS_ADMIN) es capaz de hacer entrar en pánico al sistema cuando emite comandos netfilter netflow. A flaw was found in the Linux kernel netfilter implementation. • https://bugzilla.redhat.com/show_bug.cgi?id=1976946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-38198
https://notcve.org/view.php?id=CVE-2021-38198
08 Aug 2021 — arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. El archivo arch/x86/kvm/mmu/paging_tmpl.h en el kernel de Linux versiones anteriores a 5.12.11, computa incorrectamente los permisos de acceso de una página sombra, conllevando a un fallo de página de protección de invitados • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-38199
https://notcve.org/view.php?id=CVE-2021-38199
08 Aug 2021 — fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. El archivo fs/nfs/nfs4client.c en el kernel de Linux versiones anteriores a 5.13.4, presenta un ordenamiento incorrecto de la configuración de la conexión, que permite a operadores de servidores NFSv4 remotos causar una denegación de servicio (c... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4 •