Vulnerabilities > Linux > Linux Kernel > 2.6.27.20

DATE CVE VULNERABILITY TITLE RISK
2021-08-07 CVE-2021-38166 Integer Overflow or Wraparound vulnerability in multiple products
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket.
local
low complexity
linux fedoraproject debian CWE-190
7.8
2021-08-07 CVE-2021-38160 Classic Buffer Overflow vulnerability in multiple products
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size.
local
low complexity
linux netapp debian redhat CWE-120
7.8
2021-08-05 CVE-2021-3655 Improper Input Validation vulnerability in multiple products
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1.
local
low complexity
linux redhat debian CWE-20
3.3
2021-08-05 CVE-2021-3679 Infinite Loop vulnerability in multiple products
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way.
local
low complexity
linux redhat debian CWE-835
5.5
2021-08-02 CVE-2021-34556 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
local
low complexity
linux fedoraproject debian CWE-203
5.5
2021-08-02 CVE-2021-35477 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
local
low complexity
linux debian fedoraproject CWE-203
5.5
2021-07-09 CVE-2021-3612 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP.
7.8
2021-07-07 CVE-2021-22555 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.
local
low complexity
linux brocade netapp CWE-787
4.6
2021-06-24 CVE-2020-28097 Out-of-bounds Read vulnerability in multiple products
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback.
local
low complexity
linux netapp CWE-125
3.6
2021-06-23 CVE-2021-33624 Type Confusion vulnerability in multiple products
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
local
high complexity
linux debian CWE-843
4.7