CVE-2021-45469
- EPSS 0.55%
- Veröffentlicht 23.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 06:32:16
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.
- EPSS 0.69%
- Veröffentlicht 22.12.2021 17:15:09
- Zuletzt bearbeitet 21.11.2024 06:31:28
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
CVE-2021-45095
- EPSS 0.34%
- Veröffentlicht 16.12.2021 04:15:06
- Zuletzt bearbeitet 21.11.2024 06:31:56
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
CVE-2021-39648
- EPSS 0.16%
- Veröffentlicht 15.12.2021 19:15:15
- Zuletzt bearbeitet 21.11.2024 06:19:53
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for explo...
CVE-2021-39656
- EPSS 0.12%
- Veröffentlicht 15.12.2021 19:15:15
- Zuletzt bearbeitet 21.11.2024 06:19:54
In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Pro...
CVE-2021-39657
- EPSS 0.15%
- Veröffentlicht 15.12.2021 19:15:15
- Zuletzt bearbeitet 21.11.2024 06:19:54
In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitat...
CVE-2021-0920
- EPSS 0.81%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 23.10.2025 14:53:26
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: Androi...
CVE-2021-33098
- EPSS 0.29%
- Veröffentlicht 17.11.2021 20:15:10
- Zuletzt bearbeitet 21.11.2024 06:08:17
Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-43975
- EPSS 0.51%
- Veröffentlicht 17.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:30:07
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976
- EPSS 0.64%
- Veröffentlicht 17.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:30:07
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).