Vulnerabilities > Linux > Linux Kernel > 5.10.72

DATE CVE VULNERABILITY TITLE RISK
2021-05-12 CVE-2021-23134 Use After Free vulnerability in multiple products
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges.
local
low complexity
linux fedoraproject debian CWE-416
7.8
2021-05-06 CVE-2021-31829 Incorrect Authorization vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a.
local
low complexity
linux fedoraproject debian CWE-863
5.5
2021-04-20 CVE-2021-29155 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.x.
local
low complexity
linux fedoraproject debian CWE-125
5.5
2021-04-19 CVE-2021-3506 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4.
local
low complexity
linux debian netapp CWE-125
7.1
2021-03-26 CVE-2020-35508 Improper Initialization vulnerability in multiple products
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers.
local
high complexity
linux redhat netapp CWE-665
4.5
2021-03-22 CVE-2021-28972 Classic Buffer Overflow vulnerability in multiple products
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly.
local
low complexity
linux fedoraproject netapp CWE-120
6.7
2021-03-04 CVE-2020-25639 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC.
local
low complexity
linux fedoraproject redhat CWE-476
4.4
2021-02-23 CVE-2021-20194 Improper Input Validation vulnerability in multiple products
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered).
local
low complexity
linux redhat CWE-20
7.8
2020-12-15 CVE-2020-27777 Missing Authorization vulnerability in multiple products
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication.
local
low complexity
linux redhat CWE-862
6.7
2020-01-31 CVE-2019-3016 Race Condition vulnerability in Linux Kernel
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest.
local
high complexity
linux CWE-362
4.7