4.19.130

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-21	CVE-2021-37159	Use After Free vulnerability in multiple products hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. high complexity linux debian oracle CWE-416	6.4
2021-07-20	CVE-2021-33909	Integer Overflow or Wraparound vulnerability in multiple products fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. local low complexity linux fedoraproject debian netapp oracle sonicwall CWE-190	7.8
2021-07-09	CVE-2021-3612	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. local low complexity linux redhat fedoraproject debian oracle netapp CWE-787	7.8
2021-07-07	CVE-2021-35039	Improper Verification of Cryptographic Signature vulnerability in multiple products kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. local low complexity linux debian CWE-347	7.8
2021-06-23	CVE-2021-33624	Type Confusion vulnerability in multiple products In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. local high complexity linux debian CWE-843	4.7
2021-06-14	CVE-2021-34693	Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. local low complexity linux debian CWE-909	5.5
2021-06-08	CVE-2021-3564	Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. local low complexity linux fedoraproject debian CWE-415	5.5
2021-06-07	CVE-2020-36385	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.10. local low complexity linux netapp starwindsoftware CWE-416	7.8
2021-05-28	CVE-2021-20239	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. local low complexity linux redhat fedoraproject CWE-119	3.3
2021-05-28	CVE-2021-20292	Use After Free vulnerability in multiple products There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. local low complexity linux fedoraproject redhat debian CWE-416	6.7