CVE-2021-43975
- EPSS 0.51%
- Veröffentlicht 17.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:30:07
In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976
- EPSS 0.64%
- Veröffentlicht 17.11.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:30:07
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
CVE-2021-43337
- EPSS 1.2%
- Veröffentlicht 17.11.2021 06:15:06
- Zuletzt bearbeitet 21.11.2024 06:29:06
SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=job_script and/or job_env options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to wh...
CVE-2021-42383
- EPSS 2.12%
- Veröffentlicht 15.11.2021 21:15:08
- Zuletzt bearbeitet 23.04.2025 20:15:34
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42384
- EPSS 2.54%
- Veröffentlicht 15.11.2021 21:15:08
- Zuletzt bearbeitet 03.11.2025 21:15:46
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
CVE-2021-42385
- EPSS 2.58%
- Veröffentlicht 15.11.2021 21:15:08
- Zuletzt bearbeitet 03.11.2025 21:15:46
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42386
- EPSS 2.54%
- Veröffentlicht 15.11.2021 21:15:08
- Zuletzt bearbeitet 03.11.2025 21:15:47
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
CVE-2021-42373
- EPSS 0.38%
- Veröffentlicht 15.11.2021 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:27:41
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
CVE-2021-42374
- EPSS 0.58%
- Veröffentlicht 15.11.2021 21:15:07
- Zuletzt bearbeitet 03.11.2025 21:15:43
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
CVE-2021-42375
- EPSS 0.38%
- Veröffentlicht 15.11.2021 21:15:07
- Zuletzt bearbeitet 23.04.2025 20:15:33
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditi...