Vulnerabilities > Linux > Linux Kernel > 4.19.182

DATE CVE VULNERABILITY TITLE RISK
2021-08-02 CVE-2021-35477 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
local
low complexity
linux debian fedoraproject CWE-203
5.5
2021-07-26 CVE-2021-37576 Out-of-bounds Write vulnerability in multiple products
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
local
low complexity
linux fedoraproject CWE-787
7.8
2021-07-21 CVE-2021-37159 Use After Free vulnerability in multiple products
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
high complexity
linux debian oracle CWE-416
6.4
2021-07-20 CVE-2021-33909 Integer Overflow or Wraparound vulnerability in multiple products
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
7.8
2021-07-09 CVE-2021-3612 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP.
7.8
2021-07-07 CVE-2021-35039 Improper Verification of Cryptographic Signature vulnerability in multiple products
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c.
local
low complexity
linux debian CWE-347
7.8
2021-06-23 CVE-2021-33624 Type Confusion vulnerability in multiple products
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
local
high complexity
linux debian CWE-843
4.7
2021-06-14 CVE-2021-34693 Missing Initialization of Resource vulnerability in multiple products
net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.
local
low complexity
linux debian CWE-909
5.5
2021-06-08 CVE-2021-3564 Double Free vulnerability in multiple products
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian CWE-415
5.5
2021-06-07 CVE-2020-36385 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.10.
local
low complexity
linux netapp starwindsoftware CWE-416
7.8