Vulnerabilities > Linux > Linux Kernel > 3.18.62

DATE CVE VULNERABILITY TITLE RISK
2021-05-28 CVE-2021-20292 Use After Free vulnerability in multiple products
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem.
local
low complexity
linux fedoraproject redhat debian CWE-416
6.7
2021-05-27 CVE-2020-10774 Buffer Access with Incorrect Length Value vulnerability in Linux Kernel
A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file.
local
low complexity
linux CWE-805
2.1
2021-05-26 CVE-2021-20177 Out-of-bounds Read vulnerability in Linux Kernel
A flaw was found in the Linux kernel's implementation of string matching within a packet.
local
low complexity
linux CWE-125
2.1
2021-05-26 CVE-2020-25669 Use After Free vulnerability in multiple products
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed.
local
low complexity
linux debian netapp CWE-416
7.8
2021-05-26 CVE-2020-25670 Use After Free vulnerability in multiple products
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
local
low complexity
linux fedoraproject netapp debian CWE-416
7.8
2021-05-26 CVE-2020-25671 Use After Free vulnerability in multiple products
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
local
low complexity
linux fedoraproject netapp debian CWE-416
7.8
2021-05-26 CVE-2020-25673 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
local
low complexity
linux fedoraproject netapp CWE-400
5.5
2021-05-24 CVE-2020-26558 Improper Authentication vulnerability in multiple products
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session.
4.2
2021-05-17 CVE-2021-3483 Use After Free vulnerability in multiple products
A flaw was found in the Nosy driver in the Linux kernel.
local
low complexity
linux debian netapp CWE-416
4.6
2021-05-14 CVE-2021-33033 Use After Free vulnerability in Linux Kernel
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.
local
low complexity
linux CWE-416
4.6