Vulnerabilities > Linux > Linux Kernel > 4.14.258

DATE CVE VULNERABILITY TITLE RISK
2021-03-22 CVE-2021-28972 Classic Buffer Overflow vulnerability in multiple products
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly.
local
low complexity
linux fedoraproject netapp CWE-120
6.7
2021-03-09 CVE-2021-20268 Integer Overflow or Wraparound vulnerability in Linux Kernel
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc.
local
low complexity
linux CWE-190
7.8
2021-03-04 CVE-2020-25639 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC.
local
low complexity
linux fedoraproject redhat CWE-476
4.4
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian netapp
5.5
2021-02-17 CVE-2021-26931 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen.
local
low complexity
linux fedoraproject debian CWE-770
5.5
2021-02-17 CVE-2021-26930 An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian
7.8
2021-01-29 CVE-2021-3347 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.10.11.
local
low complexity
linux debian fedoraproject CWE-416
7.8
2021-01-19 CVE-2021-3178 Path Traversal vulnerability in multiple products
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS.
network
low complexity
linux fedoraproject debian CWE-22
6.5
2021-01-13 CVE-2020-28374 Path Traversal vulnerability in multiple products
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3.
network
low complexity
linux fedoraproject debian CWE-22
8.1
2020-12-15 CVE-2020-27777 Missing Authorization vulnerability in multiple products
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication.
local
low complexity
linux redhat CWE-862
6.7