Vulnerabilities > Linux > Linux Kernel > 2.4.36
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-17 | CVE-2021-43976 | In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). | 4.6 |
2021-10-21 | CVE-2021-42327 | Out-of-bounds Write vulnerability in multiple products dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. | 6.7 |
2021-10-20 | CVE-2021-42739 | Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | 6.7 |
2021-08-07 | CVE-2021-38160 | Classic Buffer Overflow vulnerability in multiple products In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. | 7.8 |
2021-07-21 | CVE-2021-37159 | Use After Free vulnerability in multiple products hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. | 6.4 |
2021-04-20 | CVE-2021-29155 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.x. | 5.5 |
2021-01-19 | CVE-2021-3178 | Path Traversal vulnerability in multiple products fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. | 6.5 |
2020-05-09 | CVE-2020-12768 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6. | 5.5 |
2020-05-05 | CVE-2020-12656 | Memory Leak vulnerability in multiple products gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. | 5.5 |
2020-04-12 | CVE-2020-11725 | Unspecified vulnerability in Linux Kernel snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info->owner field to represent data unrelated to the "owner" concept. | 7.8 |