Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2021-01-13 CVE-2020-28374 Path Traversal vulnerability in multiple products
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3.
network
low complexity
linux fedoraproject CWE-22
5.5
2021-01-07 CVE-2020-27835 USE After Free vulnerability in Linux Infiniband Hfi1 Driver 5.10
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork.
local
low complexity
linux CWE-416
4.9
2021-01-05 CVE-2020-36158 Classic Buffer Overflow vulnerability in multiple products
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
local
low complexity
linux fedoraproject CWE-120
7.2
2020-12-15 CVE-2020-29569 Unchecked Return Value vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x.
local
low complexity
xen debian linux CWE-252
7.2
2020-12-15 CVE-2020-27777 Missing Authorization vulnerability in multiple products
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication.
local
low complexity
linux redhat CWE-862
7.2
2020-12-11 CVE-2020-27825 USE After Free vulnerability in multiple products
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1).
5.4
2020-12-11 CVE-2020-27786 USE After Free vulnerability in multiple products
A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue an ioctl commands to midi devices, could trigger a use-after-free.
local
low complexity
linux redhat CWE-416
7.2
2020-12-09 CVE-2020-29661 USE After Free vulnerability in multiple products
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.
local
low complexity
linux fedoraproject CWE-416
7.2
2020-12-09 CVE-2020-29660 USE After Free vulnerability in multiple products
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.
local
low complexity
fedoraproject linux CWE-416
2.1
2020-12-03 CVE-2020-29534 Unspecified vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 5.9.3.
local
low complexity
linux
7.2