Vulnerabilities > Linux > Linux Kernel > 4.19.138
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-23 | CVE-2021-33624 | Type Confusion vulnerability in multiple products In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. | 4.7 |
2021-06-14 | CVE-2021-34693 | Missing Initialization of Resource vulnerability in multiple products net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. | 5.5 |
2021-06-08 | CVE-2021-3564 | Double Free vulnerability in multiple products A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. | 5.5 |
2021-06-07 | CVE-2020-36385 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.10. | 7.8 |
2021-05-28 | CVE-2021-20239 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. | 3.3 |
2021-05-28 | CVE-2021-20292 | Use After Free vulnerability in multiple products There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. | 6.7 |
2021-05-26 | CVE-2020-27815 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. | 7.8 |
2021-05-26 | CVE-2020-25668 | Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | 7.0 |
2021-05-26 | CVE-2020-25669 | Use After Free vulnerability in multiple products A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. | 7.8 |
2021-05-26 | CVE-2020-25670 | Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | 7.8 |