CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-27830
https://notcve.org/view.php?id=CVE-2020-27830
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash. Se encontró una vulnerabilidad en el kernel de Linux donde, en la función spk_ttyio_receive_buf2(), podría desreferenciar spk_ttyio_synth sin comprobar si es NULL o no, y puede conllevar a un bloqueo deref de NULL-ptr • http://www.openwall.com/lists/oss-security/2020/12/08/1 http://www.openwall.com/lists/oss-security/2020/12/08/4 https://bugzilla.redhat.com/show_bug.cgi?id=1919900 https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html https://security.netapp.com/advisory/ntap-20210625-0004 https://www.debian.org/security/2021/dsa-4843 • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20177
https://notcve.org/view.php?id=CVE-2021-20177
A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected. Se encontró un fallo en la implementación del kernel de Linux de la coincidencia de cadenas dentro de un paquete. Un usuario privilegiado (con root o función CAP_NET_ADMIN) cuando se insertan las reglas de iptables podría insertar una regla que puede causar pánico en el sistema. • https://bugzilla.redhat.com/show_bug.cgi?id=1914719 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12364 – kernel: Null pointer dereference in some Intel(R) Graphics Drivers
https://notcve.org/view.php?id=CVE-2020-12364
Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. Una referencia de puntero null en algunos Intel® Graphics Drivers para Windows* versiones anteriores a 26.20.100.7212 y la versión 5.5 del kernel de Linux, puede permitir a un usuario privilegiado habilitar potencialmente una denegación de servicio por medio de un acceso local Null pointer reference in some Intel(R) Graphics Drivers for Microsoft Windows and the Linux kernel may allow a privileged user to potentially enable a denial of service via local access. • https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html https://access.redhat.com/security/cve/CVE-2020-12364 https://bugzilla.redhat.com/show_bug.cgi?id=1930251 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-26932
https://notcve.org/view.php?id=CVE-2021-26932
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. • http://xenbits.xen.org/xsa/advisory-361.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ebee0eab08594b2bd5db716288a4f1ae5936e9bc https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWQWPWYZRX •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26930
https://notcve.org/view.php?id=CVE-2021-26930
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. • http://xenbits.xen.org/xsa/advisory-365.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=871997bc9e423f05c7da7c9178e62dde5df2a7f8 https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWQWPWYZRX •