Vulnerabilities > Linux > Linux Kernel > 2.6.27.20

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-20321 Race Condition vulnerability in multiple products
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS.
local
high complexity
linux redhat debian CWE-362
4.7
2022-02-18 CVE-2021-20322 Use of Insufficiently Random Values vulnerability in multiple products
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports.
network
high complexity
linux fedoraproject debian netapp oracle CWE-330
7.4
2022-02-18 CVE-2021-4090 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel.
local
low complexity
linux netapp CWE-787
7.1
2022-02-16 CVE-2022-25258 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10.
4.6
2022-02-16 CVE-2021-3752 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition.
7.1
2022-02-16 CVE-2021-3753 Out-of-bounds Read vulnerability in multiple products
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE).
local
high complexity
linux redhat netapp CWE-125
4.7
2022-02-16 CVE-2021-3773 A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.
network
low complexity
linux fedoraproject redhat oracle
critical
9.8
2022-02-14 CVE-2021-44879 NULL Pointer Dereference vulnerability in Linux Kernel
In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.
local
low complexity
linux CWE-476
5.5
2022-02-11 CVE-2022-0382 Missing Initialization of Resource vulnerability in Linux Kernel
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations.
local
low complexity
linux CWE-909
5.5
2022-02-11 CVE-2021-45402 Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel
The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."
local
low complexity
linux CWE-668
2.1