Linux

Linux Kernel

12290 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-22555

Warnung Exploit
  • EPSS 87.04%
  • Veröffentlicht 07.07.2021 12:15:08
  • Zuletzt bearbeitet 22.10.2025 00:17:24

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

7.8

CVE-2021-35039

  • EPSS 0.06%
  • Veröffentlicht 07.07.2021 01:15:07
  • Zuletzt bearbeitet 21.11.2024 06:11:43

kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1...

7.8

CVE-2021-28691

  • EPSS 0.04%
  • Veröffentlicht 29.06.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:00:09

Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malfor...

5.9

CVE-2020-28097

Exploit
  • EPSS 0.16%
  • Veröffentlicht 24.06.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 05:22:21

The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.

4.7

CVE-2021-33624

Exploit
  • EPSS 0.71%
  • Veröffentlicht 23.06.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:09:13

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6...

7.8

CVE-2010-2525

  • EPSS 0.14%
  • Veröffentlicht 22.06.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 01:16:50

A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system.

7.1

CVE-2021-32078

Exploit
  • EPSS 0.15%
  • Veröffentlicht 17.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:48

An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4.

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

5.5

CVE-2021-3564

Exploit
  • EPSS 0.02%
  • Veröffentlicht 08.06.2021 12:15:11
  • Zuletzt bearbeitet 21.11.2024 06:21:51

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux ke...

7.1

CVE-2020-36386

Exploit
  • EPSS 0.06%
  • Veröffentlicht 07.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:23

An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.