Vulnerabilities > Linux > Linux Kernel > 4.4.95
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-26 | CVE-2020-25673 | Resource Exhaustion vulnerability in multiple products A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | 5.5 |
2021-05-24 | CVE-2020-26558 | Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. | 4.2 |
2021-05-17 | CVE-2021-3483 | Use After Free vulnerability in multiple products A flaw was found in the Nosy driver in the Linux kernel. | 4.6 |
2021-05-14 | CVE-2021-33033 | Use After Free vulnerability in Linux Kernel The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. | 4.6 |
2021-05-14 | CVE-2021-33034 | Use After Free vulnerability in multiple products In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. | 7.8 |
2021-05-13 | CVE-2020-27830 | NULL Pointer Dereference vulnerability in multiple products A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash. | 2.1 |
2021-05-12 | CVE-2021-23134 | Use After Free vulnerability in multiple products Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. | 7.8 |
2021-05-11 | CVE-2020-24586 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. | 2.9 |
2021-05-11 | CVE-2020-24587 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. | 1.8 |
2021-05-11 | CVE-2020-24588 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. | 3.5 |