CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38209
https://notcve.org/view.php?id=CVE-2021-38209
08 Aug 2021 — net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. El archivo net/netfilter/nf_conntrack_standalone.c en el kernel de Linux versiones anteriores a 5.12.2, permite la observación de cambios en cualquier espacio de nombres de red porque estos cambios son filtrados a todos los... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.2 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-38166
https://notcve.org/view.php?id=CVE-2021-38166
07 Aug 2021 — In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. En el archivo kernel/bpf/hashtab.c en el kernel de Linux versiones hasta 5.13.8, se presenta un desbordamiento de enteros y una escritura fuera de límites cuando son colocados muchos elementos en un solo cubo. NOTA: una explotación puede ser poco práctica sin la capacida... • https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=c4eb1f403243fc7bbb7de644db8587c03de36da6 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-38160
https://notcve.org/view.php?id=CVE-2021-38160
07 Aug 2021 — In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior ** EN DISPUTA ** En el archivo drivers/char/virtio_console.c en el kernel de Linux versiones anteriores a 5.13.4, la co... • https://access.redhat.com/security/cve/cve-2021-38160 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3655
https://notcve.org/view.php?id=CVE-2021-3655
05 Aug 2021 — A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. Se ha detectado una vulnerabilidad en el kernel de Linux en versiones anteriores a v5.14-rc1.Una falta de comprobaciones de tamaño en los paquetes SCTP entrantes puede permitir al kernel leer la memoria no inicializada. • https://bugzilla.redhat.com/show_bug.cgi?id=1984024 • CWE-20: Improper Input Validation CWE-909: Missing Initialization of Resource •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-3679 – kernel: DoS in rb_per_cpu_empty()
https://notcve.org/view.php?id=CVE-2021-3679
05 Aug 2021 — A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. Se encontró una falta de recursos de CPU en la funcionalidad tracing module del kernel de Linux en versiones anteriores a 5.14-rc3 en la manera en que el usuario usa el búfer de anillo de rastreo de una manera e... • https://github.com/aegistudio/RingBufferDetonator • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34556
https://notcve.org/view.php?id=CVE-2021-34556
02 Aug 2021 — In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. En el kernel de Linux versiones hasta 5.13.7, un programa BPF sin privilegios puede obtener información confidencial de la memoria del kernel por medio de un ataque de canal lateral Omisión de Almacenamiento Especulativo porque el meca... • http://www.openwall.com/lists/oss-security/2021/08/01/3 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-35477
https://notcve.org/view.php?id=CVE-2021-35477
02 Aug 2021 — In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. En el kernel de Linux versiones 5.13.7, un programa BPF sin privilegios puede obtener información confidencial de la memoria del kernel por medio de un ataque de canal lateral de Omisión de Almacenamiento Espe... • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=2039f26f3aca5b0e419b98f65dd36481337b86ee • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2021-37576 – kernel: powerpc: KVM guest OS users can cause host OS memory corruption
https://notcve.org/view.php?id=CVE-2021-37576
26 Jul 2021 — arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. El archivo arch/powerpc/kvm/book3s_rtas.c en el kernel de Linux versiones hasta 5.13.5, en la plataforma powerpc permite a usuarios del Sistema Operativo invitado de KVM causar una corrupción en la memoria del Sistema Operativo host por medio de rtas_args.nargs, también se conoce como CID-f62f3c20647e A flaw was foun... • http://www.openwall.com/lists/oss-security/2021/07/27/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.9EPSS: 0%CPEs: 9EXPL: 1CVE-2021-3573 – kernel: use-after-free in function hci_sock_bound_ioctl()
https://notcve.org/view.php?id=CVE-2021-3573
21 Jul 2021 — A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5. Se detec... • http://www.openwall.com/lists/oss-security/2023/07/02/1 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2021-37159 – kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
https://notcve.org/view.php?id=CVE-2021-37159
21 Jul 2021 — hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. la función hso_free_net_device en el archivo drivers/net/usb/hso.c en el kernel de Linux versiones hasta 5.13.4 llama a unregister_netdev sin comprobar el estado NETREG_REGISTERED, conllevando a un uso de memoria previamente liberada y un double free A flaw use-after-free in the Linux kernel USB High Speed Mob... • https://bugzilla.suse.com/show_bug.cgi?id=1188601 • CWE-415: Double Free CWE-416: Use After Free •