CVE-2020-28097
- EPSS 0.52%
- Veröffentlicht 24.06.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 05:22:21
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
CVE-2021-33624
- EPSS 0.92%
- Veröffentlicht 23.06.2021 16:15:07
- Zuletzt bearbeitet 11.11.2025 16:15:33
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6...
CVE-2021-0605
- EPSS 0.2%
- Veröffentlicht 22.06.2021 12:15:09
- Zuletzt bearbeitet 21.11.2024 05:43:00
In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Pr...
CVE-2021-0512
- EPSS 0.28%
- Veröffentlicht 21.06.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:42:50
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...
CVE-2021-34693
- EPSS 0.47%
- Veröffentlicht 14.06.2021 22:15:20
- Zuletzt bearbeitet 21.11.2024 06:10:57
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
CVE-2021-0129
- EPSS 0.83%
- Veröffentlicht 09.06.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:42:01
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVE-2021-3564
- EPSS 0.49%
- Veröffentlicht 08.06.2021 12:15:11
- Zuletzt bearbeitet 21.11.2024 06:21:51
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux ke...
CVE-2020-36386
- EPSS 0.54%
- Veröffentlicht 07.06.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:29:23
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
CVE-2020-36385
- EPSS 1.48%
- Veröffentlicht 07.06.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 05:29:22
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2021-20239
- EPSS 0.26%
- Veröffentlicht 28.05.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:46:11
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentialit...