Vulnerabilities > Linux > Linux Kernel > 4.9.167

DATE CVE VULNERABILITY TITLE RISK
2022-03-03 CVE-2021-3640 A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page.
local
high complexity
linux debian fedoraproject canonical netapp
7.0
2022-03-03 CVE-2021-4002 Memory Leak vulnerability in multiple products
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages.
local
low complexity
linux debian fedoraproject oracle CWE-401
4.4
2022-03-03 CVE-2021-3609 .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
local
high complexity
linux redhat netapp
7.0
2022-03-03 CVE-2022-0492 Missing Authorization vulnerability in multiple products
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.
7.8
2022-03-02 CVE-2021-3715 Use After Free vulnerability in Linux Kernel
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition.
local
low complexity
linux CWE-416
7.8
2022-03-02 CVE-2021-3772 A flaw was found in the Linux SCTP stack.
network
high complexity
linux redhat debian oracle netapp
6.5
2022-02-26 CVE-2020-36516 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.16.11.
network
high complexity
linux netapp CWE-327
5.9
2022-02-20 CVE-2022-25375 Improper Validation of Specified Quantity in Input vulnerability in multiple products
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10.
local
low complexity
linux debian CWE-1284
5.5
2022-02-18 CVE-2021-20320 A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel.
local
low complexity
linux fedoraproject redhat
5.5
2022-02-18 CVE-2021-20321 Race Condition vulnerability in multiple products
A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS.
local
high complexity
linux redhat debian CWE-362
4.7