4.14.188

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-21	CVE-2021-37159	Use After Free vulnerability in multiple products hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. high complexity linux debian oracle CWE-416	6.4
2021-07-20	CVE-2021-33909	Integer Overflow or Wraparound vulnerability in multiple products fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. local low complexity linux fedoraproject debian netapp oracle sonicwall CWE-190	7.8
2021-07-09	CVE-2021-3612	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. local low complexity linux redhat fedoraproject debian oracle netapp CWE-787	7.8
2021-07-07	CVE-2021-22555	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. local low complexity linux brocade netapp CWE-787	7.8
2021-06-24	CVE-2020-28097	Out-of-bounds Read vulnerability in multiple products The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. low complexity linux netapp CWE-125	5.9
2021-06-23	CVE-2021-33624	Type Confusion vulnerability in multiple products In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. local high complexity linux debian CWE-843	4.7
2021-06-17	CVE-2021-32078	Out-of-bounds Read vulnerability in Linux Kernel An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4. local low complexity linux CWE-125	7.1
2021-06-14	CVE-2021-34693	Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. local low complexity linux debian CWE-909	5.5
2021-06-08	CVE-2021-3564	A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. local low complexity linux fedoraproject debian	5.5
2021-06-07	CVE-2019-25045	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.19. local low complexity linux netapp CWE-416	7.8