Vulnerabilities > Linux > Linux Kernel > 4.19.98
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-21 | CVE-2021-42327 | Out-of-bounds Write vulnerability in multiple products dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. | 6.7 |
2021-10-20 | CVE-2021-42739 | Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | 6.7 |
2021-10-11 | CVE-2021-42252 | An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. | 4.6 |
2021-10-05 | CVE-2021-42008 | Out-of-bounds Write vulnerability in multiple products The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. | 7.8 |
2021-10-02 | CVE-2021-41864 | Integer Overflow or Wraparound vulnerability in multiple products prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | 7.8 |
2021-09-29 | CVE-2021-3653 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
2021-09-27 | CVE-2021-20317 | Improper Initialization vulnerability in multiple products A flaw was found in the Linux kernel. | 4.9 |
2021-09-20 | CVE-2021-38300 | arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. | 7.8 |
2021-09-03 | CVE-2021-40490 | Race Condition vulnerability in multiple products A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. | 7.0 |
2021-08-13 | CVE-2021-3573 | Race Condition vulnerability in multiple products A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). | 6.4 |