Vulnerabilities > Linux > Linux Kernel > 4.9.203

DATE CVE VULNERABILITY TITLE RISK
2021-05-14 CVE-2021-33033 Use After Free vulnerability in Linux Kernel
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.
local
low complexity
linux CWE-416
4.6
2021-05-14 CVE-2021-33034 Use After Free vulnerability in multiple products
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409.
local
low complexity
linux fedoraproject debian CWE-416
7.8
2021-05-13 CVE-2020-27830 NULL Pointer Dereference vulnerability in multiple products
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.
local
low complexity
linux debian CWE-476
2.1
2021-05-12 CVE-2021-23134 Use After Free vulnerability in multiple products
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges.
local
low complexity
linux fedoraproject debian CWE-416
7.8
2021-05-11 CVE-2020-24586 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. 2.9
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
1.8
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-26147 An issue was discovered in the Linux kernel 5.8.9.
high complexity
linux debian arista siemens
3.2
2021-05-10 CVE-2021-32399 Race Condition vulnerability in multiple products
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
4.4
2021-05-06 CVE-2021-31916 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12.
local
low complexity
linux redhat debian CWE-787
6.1