Vulnerabilities > Linux > Linux Kernel > 5.11.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2022-24448 | Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. | 3.3 |
| 2022-01-26 | CVE-2021-22600 | Double Free vulnerability in multiple products A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. | 7.0 |
| 2022-01-25 | CVE-2021-34866 | Type Confusion vulnerability in multiple products This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. | 7.8 |
| 2022-01-21 | CVE-2021-4001 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Linux Kernel A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. | 4.1 |
| 2022-01-21 | CVE-2021-4032 | Incomplete Cleanup vulnerability in Linux Kernel A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvm_free_lapic when a failure allocation was detected. | 4.9 |
| 2022-01-18 | CVE-2021-4083 | Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. | 7.0 |
| 2022-01-14 | CVE-2022-23222 | NULL Pointer Dereference vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. | 7.8 |
| 2022-01-11 | CVE-2021-46283 | Improper Initialization vulnerability in Linux Kernel nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. | 4.9 |
| 2022-01-06 | CVE-2021-28714 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. | 6.5 |
| 2022-01-06 | CVE-2021-28715 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. | 6.5 |