CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-34693
https://notcve.org/view.php?id=CVE-2021-34693
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. El archivo net/can/bcm.c en el kernel de Linux versiones hasta 5.12.10, permite a usuarios locales obtener información confidencial de la memoria de la pila del kernel porque partes de una estructura de datos no están inicializadas • http://www.openwall.com/lists/oss-security/2021/06/15/1 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5e87ddbe3942e27e939bdc02deb8579b0cbd8ecc https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html https://lore.kernel.org/netdev/trinity-87eaea25-2a7d-4aa9-92a5-269b822e5d95-1623609211076%403c-app-gmx-bs04/T https://ww • CWE-909: Missing Initialization of Resource •
CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0CVE-2021-0129 – kernel: Improper access control in BlueZ may allow information disclosure vulnerability.
https://notcve.org/view.php?id=CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Un control de acceso inapropiado en BlueZ puede permitir a un usuario autenticado permitir potencialmente una divulgación de información por medio de un acceso adyacente A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. • https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html https://security.gentoo.org/glsa/202209-16 https://security.netapp.com/advisory/ntap-20210716-0002 https://www.debian.org/security/2021/dsa-4951 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html https://access.redhat.com/security/cve/CVE-2021& • CWE-287: Improper Authentication •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 3CVE-2021-3564 – kernel: double free in bluetooth subsystem when the HCI device initialization fails
https://notcve.org/view.php?id=CVE-2021-3564
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13. Se encontró un fallo de corrupción de memoria de doble liberación en el subsistema de inicialización de dispositivos HCI del kernel de Linux en la manera en que el usuario adjunta un dispositivo Bluetooth HCI TTY malicioso. Un usuario local podría usar este fallo para bloquear el sistema. • http://www.openwall.com/lists/oss-security/2021/05/25/1 http://www.openwall.com/lists/oss-security/2021/06/01/2 https://bugzilla.redhat.com/show_bug.cgi?id=1964139 https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://www.openwall.com/lists/oss-security/2021/05/25/1 https://access.redhat.com/security/cve/CVE-2021-3564 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-2018-25015
https://notcve.org/view.php?id=CVE-2018-25015
An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8. Se ha detectado un problema en el kernel de Linux versiones anteriores a 4.14.16. Se presenta un uso de la memoria previamente liberada en el archivo net/sctp/socket.c para un bloqueo retenido después de un despegue, también se conoce como CID-a0ff660058b8 • https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0ff660058b88d12625a783ce9e5c1371c87951f https://security.netapp.com/advisory/ntap-20210720-0002 https://sites.google.com/view/syzscope/warning-held-lock-freed https://syzkaller.appspot.com/bug?id=a8d38d1b68ffc744c53bd9b9fc1dbd6c86b1afe2 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36386 – kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
https://notcve.org/view.php?id=CVE-2020-36386
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. Se ha detectado un problema en el kernel de Linux versiones anteriores a 5.8.1. El archivo net/bluetooth/hci_event.c presenta una lectura fuera de límites en la función hci_extended_inquiry_result_evt, también se conoce como CID-51c19bf3d5cf A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hci_extended_inquiry_result_evt call. A local user could use this flaw to crash the system or read some data out of memory bounds that can lead to data confidentiality threat. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101 https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2 https://syzkaller.appspot.com/text?tag=ReproC&x=15ca2f46900000 https://access.redhat.com/security/cve/CVE-2020-36386 https://bugzilla.redhat.com&# • CWE-125: Out-of-bounds Read •