4.4.3

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-07	CVE-2020-36385	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.10. local low complexity linux netapp starwindsoftware CWE-416	7.8
2021-05-28	CVE-2021-20239	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. local low complexity linux redhat fedoraproject CWE-119	3.3
2021-05-28	CVE-2021-20292	Use After Free vulnerability in multiple products There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. local low complexity linux fedoraproject redhat debian CWE-416	6.7
2021-05-27	CVE-2020-10774	Buffer Access with Incorrect Length Value vulnerability in Linux Kernel A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. local low complexity linux CWE-805	2.1
2021-05-26	CVE-2021-20177	Out-of-bounds Read vulnerability in Linux Kernel A flaw was found in the Linux kernel's implementation of string matching within a packet. local low complexity linux CWE-125	2.1
2021-05-26	CVE-2020-25669	Use After Free vulnerability in multiple products A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. local low complexity linux debian netapp CWE-416	7.8
2021-05-26	CVE-2020-25670	Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. local low complexity linux fedoraproject netapp debian CWE-416	7.8
2021-05-26	CVE-2020-25671	Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. local low complexity linux fedoraproject netapp debian CWE-416	7.8
2021-05-26	CVE-2020-25673	Resource Exhaustion vulnerability in multiple products A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. local low complexity linux fedoraproject netapp CWE-400	5.5
2021-05-24	CVE-2020-26558	Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. high complexity bluetooth fedoraproject debian linux intel CWE-287	4.2