Vulnerabilities > Linux > Linux Kernel > 4.9.167

DATE CVE VULNERABILITY TITLE RISK
2021-04-06 CVE-2021-28688 Improper Initialization vulnerability in multiple products
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values.
local
low complexity
linux debian CWE-665
2.1
2021-04-02 CVE-2021-30002 An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists.
local
low complexity
linux debian
2.1
2021-03-26 CVE-2021-29265 Race Condition vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.11.7.
4.7
2021-03-26 CVE-2021-29264 An issue was discovered in the Linux kernel through 5.11.10.
local
linux debian
4.7
2021-03-26 CVE-2020-35508 Improper Initialization vulnerability in multiple products
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers.
local
high complexity
linux redhat netapp CWE-665
4.5
2021-03-23 CVE-2021-3444 Incorrect Conversion between Numeric Types vulnerability in multiple products
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0.
local
low complexity
linux debian canonical CWE-681
4.6
2021-03-22 CVE-2021-28972 Classic Buffer Overflow vulnerability in multiple products
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly.
local
low complexity
linux fedoraproject netapp CWE-120
6.7
2021-03-22 CVE-2021-28971 Improper Handling of Exceptional Conditions vulnerability in multiple products
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
local
low complexity
linux fedoraproject debian netapp CWE-755
5.5
2021-03-22 CVE-2021-28964 Race Condition vulnerability in multiple products
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8.
local
high complexity
linux fedoraproject debian netapp CWE-362
4.7
2021-03-20 CVE-2020-27171 Off-by-one Error vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.11.8.
local
low complexity
linux fedoraproject debian canonical CWE-193
6.0