Vulnerabilities > Linux > Linux Kernel > 5.10.53
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-23 | CVE-2021-4197 | Improper Authentication vulnerability in multiple products An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. | 7.8 |
2022-03-23 | CVE-2022-27666 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. | 7.8 |
2022-03-18 | CVE-2021-45868 | Use After Free vulnerability in multiple products In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). | 5.5 |
2022-03-16 | CVE-2022-27223 | Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. | 8.8 |
2022-03-12 | CVE-2022-26966 | An issue was discovered in the Linux kernel before 5.16.12. | 5.5 |
2022-03-10 | CVE-2021-4095 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. | 5.5 |
2022-03-10 | CVE-2022-0433 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. | 5.5 |
2022-03-10 | CVE-2022-0847 | Improper Initialization vulnerability in multiple products A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. | 7.8 |
2022-03-10 | CVE-2021-3739 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. | 7.1 |
2022-03-10 | CVE-2021-3732 | Unspecified vulnerability in Linux Kernel A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. | 5.5 |