Linux

Linux Kernel

12290 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-38160

  • EPSS 0.07%
  • Veröffentlicht 07.08.2021 04:15:06
  • Zuletzt bearbeitet 05.05.2025 14:12:40

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is...

3.3

CVE-2021-3655

  • EPSS 0.02%
  • Veröffentlicht 05.08.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:22:05

A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.

5.5

CVE-2021-3679

  • EPSS 1.41%
  • Veröffentlicht 05.08.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:08

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw ...

5.5

CVE-2021-34556

  • EPSS 0.04%
  • Veröffentlicht 02.08.2021 05:15:07
  • Zuletzt bearbeitet 21.11.2024 06:10:40

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory l...

5.5

CVE-2021-35477

  • EPSS 0.04%
  • Veröffentlicht 02.08.2021 04:15:07
  • Zuletzt bearbeitet 21.11.2024 06:12:21

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a st...

7.8

CVE-2021-37576

Exploit
  • EPSS 0.02%
  • Veröffentlicht 26.07.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:15:27

arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

7.4

CVE-2021-29657

Exploit
  • EPSS 0.04%
  • Veröffentlicht 22.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:01:35

arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition a...

6.4

CVE-2021-37159

  • EPSS 0.04%
  • Veröffentlicht 21.07.2021 15:16:20
  • Zuletzt bearbeitet 21.11.2024 06:14:45

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

7.8

CVE-2021-33909

Exploit
  • EPSS 1.75%
  • Veröffentlicht 20.07.2021 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:09:45

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

7.8

CVE-2021-3612

  • EPSS 0.26%
  • Veröffentlicht 09.07.2021 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privi...