CVE-2020-36516
- EPSS 0.68%
- Veröffentlicht 26.02.2022 04:15:06
- Zuletzt bearbeitet 21.11.2024 05:29:43
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2021-20322
- EPSS 6.85%
- Veröffentlicht 18.02.2022 18:15:09
- Zuletzt bearbeitet 21.11.2024 05:46:22
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass ...
CVE-2021-45485
- EPSS 3.59%
- Veröffentlicht 25.12.2021 02:15:06
- Zuletzt bearbeitet 21.11.2024 06:32:18
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among ma...
CVE-2021-22901
- EPSS 60.12%
- Veröffentlicht 11.06.2021 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:50:52
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentia...
CVE-2019-25045
- EPSS 0.5%
- Veröffentlicht 07.06.2021 20:15:07
- Zuletzt bearbeitet 21.11.2024 04:39:49
An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
CVE-2021-33200
- EPSS 0.38%
- Veröffentlicht 27.05.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:08:30
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege esca...
CVE-2021-25217
- EPSS 6.12%
- Veröffentlicht 26.05.2021 22:15:07
- Zuletzt bearbeitet 21.11.2024 05:54:34
In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspecti...
CVE-2020-25669
- EPSS 0.63%
- Veröffentlicht 26.05.2021 12:15:15
- Zuletzt bearbeitet 21.11.2024 05:18:24
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_rei...
- EPSS 1.03%
- Veröffentlicht 26.05.2021 12:15:15
- Zuletzt bearbeitet 21.11.2024 05:18:24
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2019-25044
- EPSS 0.65%
- Veröffentlicht 14.05.2021 23:15:07
- Zuletzt bearbeitet 21.11.2024 04:39:48
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.