5.11.18

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-26	CVE-2020-25668	Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. local high complexity linux debian netapp CWE-662	7.0
2021-05-24	CVE-2020-26558	Improper Authentication vulnerability in multiple products Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. high complexity bluetooth fedoraproject debian linux intel CWE-287	4.2
2021-05-21	CVE-2021-31440	This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. local high complexity linux netapp	7.0
2021-05-17	CVE-2021-3483	A flaw was found in the Nosy driver in the Linux kernel. local low complexity linux debian netapp	7.8
2021-05-14	CVE-2021-33034	Use After Free vulnerability in multiple products In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. local low complexity linux fedoraproject debian CWE-416	7.8
2021-05-11	CVE-2021-32606	Use After Free vulnerability in multiple products In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. local low complexity linux fedoraproject CWE-416	7.8
2021-05-10	CVE-2021-32399	Race Condition vulnerability in multiple products net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. local high complexity linux debian netapp CWE-362	7.0
2021-05-06	CVE-2021-31916	An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. local low complexity linux redhat debian	6.7
2021-05-06	CVE-2021-31829	Incorrect Authorization vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. local low complexity linux fedoraproject debian CWE-863	5.5
2021-05-06	CVE-2021-3501	A flaw was found in the Linux kernel in versions before 5.12. local low complexity linux redhat fedoraproject netapp	7.1