Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-26	CVE-2020-25670	A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. local low complexity linux fedoraproject netapp debian	7.8
2021-05-26	CVE-2020-25671	A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. local low complexity linux fedoraproject netapp debian	7.8
2021-05-26	CVE-2020-25673	A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. local low complexity linux fedoraproject netapp	5.5
2021-05-26	CVE-2021-22543	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Linux: KVM through Improper handling of VM_IO\|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. local low complexity linux fedoraproject debian netapp CWE-119	7.8
2021-05-26	CVE-2021-31924	Improper Authentication vulnerability in multiple products Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. low complexity yubico fedoraproject CWE-287	6.8
2021-05-25	CVE-2021-33574	Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. network low complexity gnu fedoraproject netapp debian CWE-416 critical	9.8
2021-05-25	CVE-2020-25672	A memory leak vulnerability was found in Linux kernel in llcp_sock_connect network low complexity linux fedoraproject debian netapp	7.5
2021-05-24	CVE-2020-26555	Incorrect Authorization vulnerability in multiple products Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. low complexity bluetooth fedoraproject intel CWE-863	5.4
2021-05-24	CVE-2020-26558	Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. high complexity bluetooth fedoraproject debian linux intel CWE-287	4.2
2021-05-20	CVE-2021-33477	Improper Handling of Exceptional Conditions vulnerability in multiple products rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). network low complexity eterm-project mrxvt-project rxvt-project rxvt-unicode-project fedoraproject debian CWE-755	8.8